citigroupstore.com Open in urlscan Pro
20.88.160.189 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://citigroupstore.com/
Submission: On March 06 via automatic, source certstream-suspicious (March 6th 2023, 2:01:58 pm UTC) — Scanned from DE

Summary HTTP 163 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 46 IPs in 6 countries across 36 domains to perform 163 HTTP transactions. The main IP is 20.88.160.189, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is citigroupstore.com.
TLS certificate: Issued by R3 on March 6th 2023. Valid for: 3 months.

This is the only time citigroupstore.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	20.88.160.189 20.88.160.189	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
59	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1	2600:9000:214... 2600:9000:214f:7e00:16:a497:9700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:5400:1b:ef38:3680:21	16509 (AMAZON-02) (AMAZON-02)
3	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:470... 2a02:26f0:4700:1a5::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80d::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
1	23.37.32.235 23.37.32.235	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.36.233.121 23.36.233.121	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2600:9000:225... 2600:9000:2251:c200:9:fddd:fc40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	54.88.123.56 54.88.123.56	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
6	2606:4700:20:... 2606:4700:20::ac43:44bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2606:4700::68... 2606:4700::6813:bc61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
4	18.210.93.189 18.210.93.189	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:9062	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.164.48.241 18.164.48.241	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::396	54113 (FASTLY) (FASTLY)
1	199.232.16.157 199.232.16.157	54113 (FASTLY) (FASTLY)
3	18.219.174.229 18.219.174.229	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225e:bc00:1d:bf0a:0:93a1	16509 (AMAZON-02) (AMAZON-02)
17	95.101.75.136 95.101.75.136	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	35.244.142.80 35.244.142.80	15169 (GOOGLE) (GOOGLE)
3	2600:9000:223... 2600:9000:223f:600:17:3f5c:f800:21	16509 (AMAZON-02) (AMAZON-02)
1 2	185.89.210.82 185.89.210.82	29990 (ASN-APPNEX) (ASN-APPNEX)
2 4	35.156.234.106 35.156.234.106	16509 (AMAZON-02) (AMAZON-02)
2	44.209.164.40 44.209.164.40	14618 (AMAZON-AES) (AMAZON-AES)
2	216.239.36.21 216.239.36.21	15169 (GOOGLE) (GOOGLE)
1	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
3	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
1	13.224.194.15 13.224.194.15	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:4600:3:760:2800:21	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225e:5800:17:f683:1d40:21	16509 (AMAZON-02) (AMAZON-02)
1 2	54.194.143.61 54.194.143.61	16509 (AMAZON-02) (AMAZON-02)
1	52.73.201.133 52.73.201.133	14618 (AMAZON-AES) (AMAZON-AES)
2	54.84.230.230 54.84.230.230	14618 (AMAZON-AES) (AMAZON-AES)
163	46

3 20.88.160.189 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

citigroupstore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

59 151.101.66.49 (United States)

ASN54113 (FASTLY, US)

sqy7rm.media.zestyio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:7e00:16:a497:9700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.rudderlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:5400:1b:ef38:3680:21 (United States)

ASN16509 (AMAZON-02, US)

d21y75miwcfqoq.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:4700:1a5::13b8 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80d::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.32.235 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-32-235.deploy.static.akamaitechnologies.com

cdn3.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.36.233.121 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-233-121.deploy.static.akamaitechnologies.com

a627150995.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2251:c200:9:fddd:fc40:93a1 (United States)

ASN16509 (AMAZON-02, US)

api.rudderlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.88.123.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-123-56.compute-1.amazonaws.com

acornsprod-dataplane.rudderstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::ac43:44bc (United States)

ASN13335 (CLOUDFLARENET, US)

aacdn.nagich.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6813:bc61 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

d.impactradius-event.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.210.93.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-93-189.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9062 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.48.241 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-48-241.cdg50.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.16.157 (Vienna, Austria)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.219.174.229 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-219-174-229.us-east-2.compute.amazonaws.com

collector-4820.tvsquared.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:bc00:1d:bf0a:0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.tvpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 95.101.75.136 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-75-136.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com

cdn.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223f:600:17:3f5c:f800:21 (United States)

ASN16509 (AMAZON-02, US)

d2hrivdxn8ekm8.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.82 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.156.234.106 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-234-106.eu-central-1.compute.amazonaws.com

tags.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.209.164.40 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-164-40.compute-1.amazonaws.com

p.tvpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.36.21 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2415.1e100.net

capi.acorns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

us-central1-adaptive-growth.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-15.fra2.r.cloudfront.net

dvqigh9b7wa32.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:4600:3:760:2800:21 (United States)

ASN16509 (AMAZON-02, US)

d330aiyvva2oww.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:5800:17:f683:1d40:21 (United States)

ASN16509 (AMAZON-02, US)

d1lu3pmaz2ilpx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.143.61 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-143-61.eu-west-1.compute.amazonaws.com

segment.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.73.201.133 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-201-133.compute-1.amazonaws.com

logs-01.loggly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.84.230.230 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-230-230.compute-1.amazonaws.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	zestyio.com sqy7rm.media.zestyio.com — Cisco Umbrella Rank: 226975	1 MB
17	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 765	112 KB
9	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 372	141 KB
7	cloudfront.net d21y75miwcfqoq.cloudfront.net d2hrivdxn8ekm8.cloudfront.net dvqigh9b7wa32.cloudfront.net d330aiyvva2oww.cloudfront.net d1lu3pmaz2ilpx.cloudfront.net	23 KB
6	nagich.com aacdn.nagich.com — Cisco Umbrella Rank: 17987	22 KB
5	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 742 cdn3.optimizely.com — Cisco Umbrella Rank: 3626 a627150995.cdn.optimizely.com — Cisco Umbrella Rank: 514885 logx.optimizely.com — Cisco Umbrella Rank: 1237	124 KB
4	w55c.net 2 redirects tags.w55c.net — Cisco Umbrella Rank: 3841	2 KB
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 2955	7 KB
3	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 861	1 KB
3	tvpixel.com c.tvpixel.com — Cisco Umbrella Rank: 8909 p.tvpixel.com — Cisco Umbrella Rank: 1521	32 KB
3	tvsquared.com collector-4820.tvsquared.com — Cisco Umbrella Rank: 573594	9 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 357	12 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	246 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6149	622 B
3	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 4370	770 B
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 77	437 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	20 KB
3	rudderlabs.com cdn.rudderlabs.com — Cisco Umbrella Rank: 12109 api.rudderlabs.com — Cisco Umbrella Rank: 5795	134 KB
3	citigroupstore.com citigroupstore.com	174 KB
2	bidr.io 1 redirects segment.prod.bidr.io — Cisco Umbrella Rank: 6886	1 KB
2	cloudfunctions.net us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 2635
2	acorns.com capi.acorns.com — Cisco Umbrella Rank: 541707	965 B
2	adnxs.com 1 redirects secure.adnxs.com — Cisco Umbrella Rank: 377	2 KB
2	rudderstack.com acornsprod-dataplane.rudderstack.com — Cisco Umbrella Rank: 68540	178 B
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 195	3 KB
1	loggly.com logs-01.loggly.com — Cisco Umbrella Rank: 9759
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 628	725 B
1	t.co t.co — Cisco Umbrella Rank: 536	377 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1518	157 B
1	pdst.fm cdn.pdst.fm — Cisco Umbrella Rank: 2555	6 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 633	15 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1374	8 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 906	14 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 603	308 B
1	impactradius-event.com d.impactradius-event.com — Cisco Umbrella Rank: 3185	14 KB
0	pointmediatracker.com Failed pixel.pointmediatracker.com Failed
163	36

	Domain	Requested by
59	sqy7rm.media.zestyio.com	citigroupstore.com
17	analytics.tiktok.com	citigroupstore.com analytics.tiktok.com
9	cdn.cookielaw.org	www.googletagmanager.com cdn.cookielaw.org citigroupstore.com
6	aacdn.nagich.com	citigroupstore.com aacdn.nagich.com
4	tags.w55c.net	2 redirects citigroupstore.com
4	tags.srv.stackadapt.com	citigroupstore.com tags.srv.stackadapt.com
3	tr.snapchat.com	sc-static.net citigroupstore.com
3	d2hrivdxn8ekm8.cloudfront.net	citigroupstore.com d2hrivdxn8ekm8.cloudfront.net
3	collector-4820.tvsquared.com	citigroupstore.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com citigroupstore.com
3	www.googletagmanager.com	citigroupstore.com www.googletagmanager.com
3	www.google.de	citigroupstore.com
3	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
3	www.google-analytics.com	citigroupstore.com www.google-analytics.com
3	citigroupstore.com	citigroupstore.com
2	logx.optimizely.com	cdn.optimizely.com
2	segment.prod.bidr.io	1 redirects citigroupstore.com
2	us-central1-adaptive-growth.cloudfunctions.net	cdn.pdst.fm
2	capi.acorns.com	www.googletagmanager.com
2	p.tvpixel.com	c.tvpixel.com
2	secure.adnxs.com	1 redirects citigroupstore.com
2	acornsprod-dataplane.rudderstack.com	cdn.rudderlabs.com
2	api.rudderlabs.com	cdn.rudderlabs.com
2	www.google.com	citigroupstore.com
2	cdnjs.cloudflare.com	citigroupstore.com
1	logs-01.loggly.com	citigroupstore.com
1	d1lu3pmaz2ilpx.cloudfront.net	d2hrivdxn8ekm8.cloudfront.net
1	d330aiyvva2oww.cloudfront.net	d2hrivdxn8ekm8.cloudfront.net
1	dvqigh9b7wa32.cloudfront.net	d2hrivdxn8ekm8.cloudfront.net
1	analytics.twitter.com	citigroupstore.com
1	t.co	citigroupstore.com
1	alb.reddit.com	citigroupstore.com
1	cdn.pdst.fm	citigroupstore.com
1	c.tvpixel.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	www.redditstatic.com	www.googletagmanager.com
1	sc-static.net	www.googletagmanager.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	region1.analytics.google.com	www.googletagmanager.com
1	d.impactradius-event.com	citigroupstore.com
1	a627150995.cdn.optimizely.com	cdn.optimizely.com
1	cdn3.optimizely.com	cdn.optimizely.com
1	cdn.optimizely.com	citigroupstore.com
1	d21y75miwcfqoq.cloudfront.net	citigroupstore.com
1	cdn.rudderlabs.com	citigroupstore.com
0	pixel.pointmediatracker.com Failed	citigroupstore.com
163	46

This site contains links to these domains. Also see Links.

Domain
app.acorns.com
app.adjust.com
www.acorns.com
store.acorns.com
www.instagram.com
twitter.com
www.facebook.com
www.finra.org
www.sipc.org
www.cambr.com
www.fdic.gov
www.onetrust.com

Subject Issuer	Validity	Valid
citigroupstore.com R3	`2023-03-06` - `2023-06-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.media.zestyio.com GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-13` - `2024-01-14`	a year	crt.sh
*.rudderlabs.com Amazon RSA 2048 M02	`2023-02-21` - `2023-08-12`	6 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-30` - `2023-10-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-30` - `2023-10-30`	a year	crt.sh
*.cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-03` - `2023-06-07`	a year	crt.sh
*.rudderstack.com Amazon RSA 2048 M01	`2023-03-01` - `2023-12-22`	10 months	crt.sh
*.nagich.com GTS CA 1P5	`2023-02-26` - `2023-05-27`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.impactradius-event.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-07` - `2024-01-06`	a year	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M02	`2023-02-27` - `2023-11-07`	8 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
sc-static.net Amazon RSA 2048 M02	`2023-01-20` - `2024-02-18`	a year	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-05-15`	6 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.tvsquared.com Amazon RSA 2048 M02	`2023-02-09` - `2023-09-13`	7 months	crt.sh
*.tvpixel.com Amazon RSA 2048 M01	`2023-02-21` - `2024-01-13`	a year	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-10` - `2023-04-10`	a year	crt.sh
cdn.pdst.fm GTS CA 1D4	`2023-01-28` - `2023-04-28`	3 months	crt.sh
capi.acorns.com GTS CA 1D4	`2023-02-16` - `2023-05-17`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-05-14`	6 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.snap.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-16` - `2023-08-16`	a year	crt.sh
misc.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
logs-01.loggly.com Starfield Secure Certificate Authority - G2	`2022-03-23` - `2023-04-24`	a year	crt.sh
logx.optimizely.com Amazon RSA 2048 M01	`2023-02-27` - `2023-08-22`	6 months	crt.sh

This page contains 3 frames:

Primary Page: https://citigroupstore.com/
Frame ID: 88398FCC20E59BFB8852F9D3FFDE3A32
Requests: 157 HTTP requests in this frame

Frame: https://a627150995.cdn.optimizely.com/client_storage/a627150995.html
Frame ID: F96F14350449EC0D25BE74C331C9376E
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=c8be0027-7179-4908-a50c-1de771b0e87e&u_scsid=2c7d6167-878c-462d-b523-28b5eff075e5&u_sclid=dd9be2be-a15d-4172-8c0c-bd883187cdcc
Frame ID: 8E31D8BD82FF929719E87746B9ABA53F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Acorns - Invest, Earn, Grow, Spend, Later | Acorns | AcornsBack ButtonSearch IconFilter Icon

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Impact (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

d\.impactradius-event\.com

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

Page Statistics

163
Requests

97 %
HTTPS

47 %
IPv6

36
Domains

46
Subdomains

46
IPs

6
Countries

2461 kB
Transfer

5276 kB
Size

51
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://app.acorns.com/
Title: Log in

Search URL Search Domain Scan URL

URL: https://app.adjust.com/2bfkli_luqqxi?fallback=https%3A%2F%2Facorns.com%2Ftier-signup?key=GOLD
Title: Get started

Search URL Search Domain Scan URL

URL: https://app.adjust.com/2bfkli_luqqxi?fallback=https%3A%2F%2Fsignup.acorns.com%2Fselect-tier
Title: Download

Search URL Search Domain Scan URL

URL: https://app.adjust.com/s1mjg4g_4oq5ari?fallback=https://www.acorns.com/tier-signup?key=GOLD
Title: Get started

Search URL Search Domain Scan URL

URL: https://app.adjust.com/2bfkli_luqqxi?fallback=https://www.acorns.com/tier-signup?key=GOLD
Title: Get the app

Search URL Search Domain Scan URL

URL: https://app.adjust.com/i2tk2y3_6va07pm?fallback=https://www.acorns.com/tier-signup?key=GOLD
Title: Get started

Search URL Search Domain Scan URL

URL: https://app.adjust.com/2frog1d_tjj61hy?fallback=https%3A%2F%2Fwww.acorns.com%2Ftier-signup%3Fkey%3DGOLD
Title: Sign up today

Search URL Search Domain Scan URL

URL: https://app.adjust.com/lu9nsui_ww57nnm?fallback=https://www.acorns.com/tier-signup?key=GOLD
Title: Sign up today

Search URL Search Domain Scan URL

URL: https://www.acorns.com/invest/
Title: Invest for your future

Search URL Search Domain Scan URL

URL: https://www.acorns.com/later/
Title: Later starts today

Search URL Search Domain Scan URL

URL: https://www.acorns.com/earn/
Title: Earn extra money

Search URL Search Domain Scan URL

URL: https://www.acorns.com/early
Title: Early investors

Search URL Search Domain Scan URL

URL: https://www.acorns.com/banking/
Title: Bank smarter

Search URL Search Domain Scan URL

URL: https://www.acorns.com/about/
Title: About

Search URL Search Domain Scan URL

URL: https://www.acorns.com/careers/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.acorns.com/press/
Title: Press

Search URL Search Domain Scan URL

URL: https://www.acorns.com/oak-trees-planted/
Title: Oak Trees Planted

Search URL Search Domain Scan URL

URL: https://www.acorns.com/pricing/
Title: Pricing

Search URL Search Domain Scan URL

URL: https://store.acorns.com/
Title: Store

Search URL Search Domain Scan URL

URL: https://www.acorns.com/terms/
Title: Legal

Search URL Search Domain Scan URL

URL: https://www.acorns.com/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.instagram.com/acorns/

Search URL Search Domain Scan URL

URL: https://twitter.com/acorns

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AcornsGrow/

Search URL Search Domain Scan URL

URL: https://www.finra.org/#/
Title: FINRA

Search URL Search Domain Scan URL

URL: https://www.sipc.org/
Title: SIPC

Search URL Search Domain Scan URL

URL: https://www.cambr.com/bank-list
Title: https://www.cambr.com/bank-list

Search URL Search Domain Scan URL

URL: https://www.fdic.gov/resources/deposit-insurance/
Title: https://www.fdic.gov/resources/deposit-insurance/

Search URL Search Domain Scan URL

URL: https://www.acorns.com/disclosures
Title: Disclosures

Search URL Search Domain Scan URL

URL: https://www.acorns.com/accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://app.adjust.com/lk0lfh8_l7g8ijs?fallback=https://www.acorns.com/tier-signup?key=GOLD
Title: Get started

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 115

https://secure.adnxs.com/seg?add=15687583&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D15687583%26t%3D1

Request Chain 118

https://tags.w55c.net/rs?id=e32f39edb7d04b5da4e7315de9538eaf&t=homepage&gtmcb=207119292 HTTP 302
https://tags.w55c.net/rs?sccid=348d8dd4-6182-b5d3-9dd2-73424d1fc45f&scc=1&id=e32f39edb7d04b5da4e7315de9538eaf&t=homepage&gtmcb=207119292

Request Chain 119

https://tags.w55c.net/rs?id=3d8d9cf507da43849ba6240d648eb887&t=homepage&gtmcb=1201455173 HTTP 302
https://tags.w55c.net/rs?sccid=5e09f727-0124-ed08-e238-76587692bc6d&scc=1&id=3d8d9cf507da43849ba6240d648eb887&t=homepage&gtmcb=1201455173

Request Chain 139

https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-2452&value=&uncacheplz=4784734933 HTTP 303
https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-2452&value=&uncacheplz=4784734933&_bee_ppp=1

163 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
citigroupstore.com/ 139 KB
37 KB 411ms
182ms Document
text/html 20.88.160.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://citigroupstore.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.88.160.189 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2614c2050d16d36a75a5f3fb59fe6b7490a844ae0c959c6b3c2e4a6641991d68

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.acorns.com https://.acorns.io https://*.zesty.io https://solve-widget.forethought.ai

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 21635
cache-control: no-cache
content-encoding: gzip
content-language: en-us
content-length: 35960
content-security-policy: frame-ancestors 'self' https://*.acorns.com https://*.acorns.io https://*.zesty.io https://solve-widget.forethought.ai
content-type: text/html; charset=UTF-8
date: Mon, 06 Mar 2023 14:01:51 GMT
edge-cache-tag: 8-4bf69f2-156d5j, 8354671, 8-4bf69f2-156d5j, 6-5859d56-8471fx, 11-5859d5d-hsmg1, 6-f8ee8cb1fb-ttrb3j, 7-809ae4f8fe-21c60d, 11-cefb8d8cfc-qj813s, 11-fcbabdcceb-t1f00g, 11-baaeffefa8-s58hrf, 11-f899de9dcb-2g78j2, 11-5859d5d-s8n4w, 11-aced90fc90-7gz7s7, 11-b6e9a885eb-ssc0h8, 11-c0edd0b2b2-vlfg6h, 11-5859d5d-xdvt8h, 11-dedfddb5db-8npksk, 11-aec4b3a2c2-lf3t7b, 6-f6afb1bba2-w9p2zv, 6-5859d56-945ggn, 6-5859d56-18ljzb, 6-5859d56-pwtnh0, 6-80e3fcc5ae-jzr3g6, 6-a0daf1ce9e-vhgzvp, 6-bcbab5a8c0-l8vsl8, 6-a490fff8d2-hnvm3h, 6-c694cdd1c7-gqscl4, 6-ee81ecadcf-j414l3, 6-d88dfef9f8-0x43v4, 6-e6f1b7d7ae-zbfj3g, 6-dadb90aae1-djw4qw, 6-8688dfa481-0xh7d7, 6-bcaadc8ac1-kr8x2c, 6-c89189b0d6-c79c74, 6-bee6efd5a5-vzxzqb, 6-94d9feb0db-q8hs51, 6-e09cdc88a6-87hdsx
referrer-policy: no-referrer
vary: Accept-Encoding
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-bereq-between-bytes-timeout: 0.000
x-bereq-connect-timeout: 0.000
x-bereq-first-byte-timeout: 0.000
x-bereq-proto: HTTP/1.1
x-bereq-request: GET
x-bereq-url: /
x-beresp-cacheable: 1
x-beresp-proto: HTTP/1.1
x-beresp-response: OK
x-beresp-status: 200
x-cache: HIT, HIT
z-branch: live
z-cdn: FASTLY
z-content-version: 36:9-ee97e8edaa-xsknpr
z-content-zuid: 7-809ae4f8fe-21c60d
z-engine: WebEngine
z-v: pa-021723-a
z-zuid: 8-4bf69f2-156d5j

GET
H/1.1 200
OK site.css
citigroupstore.com/ 552 KB
87 KB 166ms
95ms Stylesheet
text/css 20.88.160.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://citigroupstore.com/site.css?v=c83683c3fe5d1cc1173f08b178c6e4b5

Requested by

Host: citigroupstore.com
URL: https://citigroupstore.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.88.160.189 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aba5d357125391f2f6c5e6f058ed6a57c3a46442da3450edd26ca4ff68baf8df

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.acorns.com https://.acorns.io https://*.zesty.io https://solve-widget.forethought.ai

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://*.acorns.com https://*.acorns.io https://*.zesty.io https://solve-widget.forethought.ai
content-encoding: gzip
via: 1.1 google, 1.1 varnish, 1.1 varnish
date: Mon, 06 Mar 2023 14:01:51 GMT
z-zuid: 8-4bf69f2-156d5j
x-bereq-connect-timeout: 0.000
age: 21634
edge-cache-tag: 8-4bf69f2-156d5j, 8354671, 8-4bf69f2-156d5j, 6-5859d56-8471fx, 8-4bf69f2-156d5j-css
x-cache: HIT, HIT
x-bereq-url: /site.css?v=c83683c3fe5d1cc1173f08b178c6e4b5
z-v: pa-021723-a
x-bereq-request: GET
x-beresp-status: 200
content-length: 87709
z-engine: WebEngine
pragma: max-age=604800
z-cdn: FASTLY
z-branch: live
referrer-policy: no-referrer
x-bereq-proto: HTTP/1.1
x-beresp-cacheable: 1
x-bereq-between-bytes-timeout: 0.000
vary: Accept-Encoding
content-language: en-us
content-type: text/css; charset=UTF-8
cache-control: max-age=604800, public
x-bereq-first-byte-timeout: 0.000
x-beresp-proto: HTTP/1.1
accept-ranges: bytes
x-beresp-response: OK
expires: Mon, 13 Mar 2023 08:01:16 GMT

GET
H/1.1 200
OK site.js Show response
citigroupstore.com/ 130 KB
50 KB 369ms
186ms Script
text/javascript 20.88.160.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://citigroupstore.com/site.js?v=a9845422fa10836c757fcf19a7af08a7

Requested by

Host: citigroupstore.com
URL: https://citigroupstore.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.88.160.189 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7ac55225e5b3b5f2d76799f5a1cea7cbb9b6f7d7645298eb65c475930af7d45a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.acorns.com https://.acorns.io https://*.zesty.io https://solve-widget.forethought.ai

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://*.acorns.com https://*.acorns.io https://*.zesty.io https://solve-widget.forethought.ai
content-encoding: gzip
via: 1.1 google, 1.1 varnish, 1.1 varnish
date: Mon, 06 Mar 2023 14:01:51 GMT
z-zuid: 8-4bf69f2-156d5j
x-bereq-connect-timeout: 0.000
age: 21634
edge-cache-tag: 8-4bf69f2-156d5j, 8354671, 8-4bf69f2-156d5j, 6-5859d56-8471fx, 8-4bf69f2-156d5j-js
x-cache: MISS, HIT
x-bereq-url: /site.js?v=a9845422fa10836c757fcf19a7af08a7
z-v: pa-021723-a
x-bereq-request: GET
x-beresp-status: 200
content-length: 50222
z-engine: WebEngine
pragma: max-age=604800
z-cdn: FASTLY
z-branch: live
referrer-policy: no-referrer
x-bereq-proto: HTTP/1.1
x-beresp-cacheable: 1
x-bereq-between-bytes-timeout: 0.000
vary: Accept-Encoding
content-language: en-us
content-type: text/javascript; charset=UTF-8
cache-control: max-age=604800, public
x-bereq-first-byte-timeout: 0.000
x-beresp-proto: HTTP/1.1
accept-ranges: bytes
x-beresp-response: OK
expires: Mon, 13 Mar 2023 08:01:17 GMT

GET
H2 200 countUp.min.js Show response
cdnjs.cloudflare.com/ajax/libs/countup.js/1.9.3/ 4 KB
2 KB 30ms
13ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/countup.js/1.9.3/countUp.min.js

Requested by

Host: citigroupstore.com
URL: https://citigroupstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

feccc42c28138eb5a796542c816b41755d811818695a903de53ec8f435957a06

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2880709
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1240
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-ee7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hsYu4Q8n1tQcxfIXNfEByKpMqomBo1Qk9Y36b2URA9WVBshH%2BhA3TOQG%2FWy47SbY03t3p1s679rERIJeXLNy%2FXzx7sBkwFZSZtmiXKhLpmqA7EAQIpXg8z1oVOTrJ5cNfwpR0AEcyuZUjq56QUaF5GdO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a3b220fc96836dd-FRA
expires: Sat, 24 Feb 2024 14:01:51 GMT

GET
H2 200 App-Icon.B1s9Xy3z9.svg
sqy7rm.media.zestyio.com/ 1 KB
1 KB 30ms
6ms Image
image/svg+xml 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/App-Icon.B1s9Xy3z9.svg
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d315f1c89efd270e5c3360d57da89ba7b3d2db07cd19558a6f1bee0a4a1146a0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: origin, content-type, accept
date: Mon, 06 Mar 2023 14:01:51 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1117157
x-cache: HIT, HIT
content-length: 692
last-modified: Sat, 26 Mar 2022 00:51:30 GMT
server: UploadServer
etag: "bfe36219da7351c2b03f1399b0312b6f"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
x-hash: crc32c=9VQHXQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Feb 2023 16:42:34 GMT

GET
H2 200 rudder-analytics.min.js Show response
cdn.rudderlabs.com/v1/ 459 KB
133 KB 63ms
9ms Script
text/javascript 2600:9000:214f:7e00:16:a497:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/v1/rudder-analytics.min.js
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:7e00:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 29abc0ced159dd0cd79de50a96fadb71029bf9d7489abfba36b6845178bc31aa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 13:53:44 GMT
content-encoding: gzip
via: 1.1 ab39b007ab81966ada6e7fb1536bf376.cloudfront.net (CloudFront)
last-modified: Thu, 02 Mar 2023 11:25:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 489
x-amz-server-side-encryption: AES256
etag: W/"29e4b57ca016da0573705dd33ce7e939"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: q6tMlt044aSIZyts74A5IamElo1DPGlUZfQxW7dXUKwffHmCssbJYA==

GET
H2 200 f724cd6e
d21y75miwcfqoq.cloudfront.net/ 68 B
437 B 646ms
603ms Image
image/png 2600:9000:2250:5400:1b:ef38:3680:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d21y75miwcfqoq.cloudfront.net/f724cd6e
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5400:1b:ef38:3680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citigroupstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:53 GMT
via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
last-modified: Wed, 09 Jun 2021 21:18:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: "91e42db1c66c0b276abf6234dc50b2eb"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 68
x-amz-cf-id: GiP5V3Pjs4lWpOsTf7yiqiajqgY5-HotllA5kj_boNwzHzllbQy3_g==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
8ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: citigroupstore.com
URL: https://citigroupstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 06 Mar 2023 13:19:39 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2532
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 06 Mar 2023 15:19:39 GMT

GET
H2 200 9730220283.js Show response
cdn.optimizely.com/js/ 424 KB
121 KB 198ms
153ms Script
text/javascript 2a02:26f0:4700:1a5::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/9730220283.js

Requested by

Host: citigroupstore.com
URL: https://citigroupstore.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700:1a5::13b8 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

00dcef63c2f4f4dac6f8f64fd9ae07a8ca19ab32702d1fcb5fe90b74dcb81612

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: hf2sCJMFB0B6VKwtYNMuladkx.kBLXPF
content-encoding: gzip
date: Mon, 06 Mar 2023 14:01:51 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: 634F106XJ5YS2QV0
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 8384
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=23, origin; dur=113, cdn;desc="AkamaiION";dur=0,rtt;desc="13";dur=0,cdnip;desc="2a02:26f0:4700:1a5::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="466142_399797973_1231854091_13574_2666_12_0";dur=1
content-length: 122443
x-amz-id-2: i4d364V/sM/+QAyMHJOH98aB4dCJdaocA2lL1OanHh0ml56LzQVfz5MmwrZ3/vbtpNXiGrh5Yfs=
last-modified: Fri, 03 Mar 2023 16:34:18 GMT
server: AmazonS3
etag: "065fa5382958a5eb886bb5d1c07f805d"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
210 B 14ms
13ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1659095512&t=pageview&_s=1&dl=https%3A%2F%2Fcitigroupstore.com%2F&ul=en-us&de=UTF-8&dt=Acorns%20-%20Invest%2C%20Earn%2C%20Grow%2C%20Spend%2C%20Later%20%7C%20Acorns%20%7C%20Acorns&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1653057034&gjid=360988972&cid=121335352.1678111312&tid=UA-46142661-9&_gid=161947696.1678111312&_r=1&_slc=1&z=1813383204

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 14:01:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://citigroupstore.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
350 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-46142661-9&cid=121335352.1678111312&jid=1653057034&gjid=360988972&_gid=161947696.1678111312&_u=IEBAAEAAAAAAACAAI~&z=1007081366

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 06 Mar 2023 14:01:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://citigroupstore.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 117ms
54ms Image
image/gif 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-46142661-9&cid=121335352.1678111312&jid=1653057034&_u=IEBAAEAAAAAAACAAI~&z=1745453442

Requested by

Host: citigroupstore.com
URL: https://citigroupstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 14:01:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 118ms
55ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-46142661-9&cid=121335352.1678111312&jid=1653057034&_u=IEBAAEAAAAAAACAAI~&z=1745453442

Requested by

Host: citigroupstore.com
URL: https://citigroupstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 14:01:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK geo4.js Show response
cdn3.optimizely.com/js/ 310 B
792 B 44ms
12ms Script
application/javascript 23.37.32.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.optimizely.com/js/geo4.js
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/9730220283.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.37.32.235 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-32-235.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f9502b1f15efef884470d78697ab93d2b75c9912d1e04d9729e66f3b74c7451c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: F8W1XaLRNmnJXrMgZ6ZMuxtE6L376GC.
Date: Mon, 06 Mar 2023 14:01:52 GMT
Server: AmazonS3
x-amz-request-id: DVJHTHDR9P3YFV07
x-amz-server-side-encryption: AES256
ETag: "8777c006589ecabfa3d63a6b5bf24393"
Content-Type: application/javascript
Cache-Control: max-age=53450
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 310
x-amz-id-2: lFDaugG6s6YidIuugm+hsMZOkgtLz0yIE6dxWwdwOZC2UPhoA6xND7ORws/YAPvDBf+NR2xlKKM=

GET
H2 200 a627150995.html Show response
a627150995.cdn.optimizely.com/client_storage/ Frame F96F 2 KB
2 KB 177ms
120ms Document
text/html 23.36.233.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a627150995.cdn.optimizely.com/client_storage/a627150995.html

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/9730220283.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.233.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-233-121.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

58db23671c6a4f7fff5808d97349f70655acece47d1231aba9358e6aab42bf49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=120
content-encoding: gzip
content-length: 844
content-type: text/html; charset=utf-8
date: Mon, 06 Mar 2023 14:01:52 GMT
etag: "1ce2ca76daf21d6992b805c976adb485"
last-modified: Fri, 03 Mar 2023 16:34:10 GMT
server: AmazonS3
server-timing: cdn-cache; desc=REVALIDATE edge; dur=15 origin; dur=95 cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="23.36.233.121";dur=0,cdnmap;desc="a4728.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0 ak_p; desc="466142_3245104775_162548912_11034_1445_5_0";dur=1
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,2
x-amz-id-2: uza6ttO4BSM6VYPCsbHrWjVId+MMFJP0TL6XD4UnrcalilOeLKZ+ni3u3rydRoiS4x4tG2Rl5bU=
x-amz-meta-pci_enabled: False
x-amz-replication-status: COMPLETED
x-amz-request-id: QG31QA6HG7YA8ZTH
x-amz-server-side-encryption: AES256
x-amz-version-id: nSD5ZMEnyuXykLgWzmAHLzD8HOKRZeJg

GET
H2 200 main-min.ryQgJnztE.js Show response
sqy7rm.media.zestyio.com/ 1 KB
625 B 6ms
6ms Script
text/plain 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sqy7rm.media.zestyio.com/main-min.ryQgJnztE.js
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8fb6c11e0f3341fdd069c14ac9a75a51d4a396797042b70fc98ebb294f8fbbba

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 5262716
x-cache: HIT, HIT
content-length: 459
last-modified: Wed, 03 Apr 2019 22:08:43 GMT
server: UploadServer
etag: "9ec7bcf40d4f8aaa2925ead687092bd8"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
x-hash: crc32c=rIPO3w==
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Jan 2023 17:09:55 GMT

GET
H2 200 Acorns-Logo.svg
sqy7rm.media.zestyio.com/ 1 KB
795 B 8ms
7ms Image
image/svg+xml 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Acorns-Logo.svg
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 784840d9d1a513f94b88db1c951f063e43a99760e773dfea3d2844a376abe39e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: origin, content-type, accept
date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 5279543
x-cache: HIT, HIT
content-length: 657
last-modified: Sat, 19 Mar 2022 04:17:27 GMT
server: UploadServer
etag: "4da172676eaa361cb1a4e17b324252a2"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
x-hash: crc32c=shYVZg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Jan 2023 12:29:28 GMT

GET
H2 200 Downward-Carat.svg
sqy7rm.media.zestyio.com/ 205 B
281 B 11ms
8ms Image
image/svg+xml 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Downward-Carat.svg
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7bc7dc9400a4019451249f9866bd8790a43dd5b654baecb0dcde3b2c25a02302

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: origin, content-type, accept
date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 4234540
x-cache: HIT, HIT
content-length: 168
last-modified: Tue, 16 Mar 2021 00:40:20 GMT
server: UploadServer
etag: "cdfc4747c0a6b879cf6f52eba2e91577"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
x-hash: crc32c=s2FxEQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 16 Jan 2023 14:46:12 GMT

GET
H2 200 Invest-Icon-24x24.svg
sqy7rm.media.zestyio.com/ 712 B
650 B 10ms
7ms Image
image/svg+xml 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Invest-Icon-24x24.svg
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e567b8b9e08f170c9979849d5d0d67c51eafd081ded94ac9ee5ea7c03f037807

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: origin, content-type, accept
date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 4234539
x-cache: HIT, HIT
content-length: 361
last-modified: Tue, 23 Mar 2021 00:05:53 GMT
server: UploadServer
etag: "030a5a74a6a7f32a24f3b8b4184d6bb1"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
x-hash: crc32c=1OOPig==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 16 Jan 2023 14:46:12 GMT

GET
H2 200 Later-Icon.svg
sqy7rm.media.zestyio.com/ 1 KB
750 B 9ms
7ms Image
image/svg+xml 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Later-Icon.svg
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c6790cd984cc24f4057ddc964ca8b1d85b785c4f5f8b1dc401559ae436dd1c1e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: origin, content-type, accept
date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 7798077
x-cache: HIT, HIT
content-length: 611
last-modified: Sat, 20 Mar 2021 00:21:35 GMT
server: UploadServer
etag: "9bf2644f9b9ab6f29cbe293f70435dc7"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
x-hash: crc32c=UtHMWw==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Dec 2022 08:53:55 GMT

GET
H2 200 Early-icon-24x24.svg
sqy7rm.media.zestyio.com/ 2 KB
1 KB 10ms
7ms Image
image/svg+xml 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Early-icon-24x24.svg
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f7f4dcb9aa0f19ef4c2698b08ecfb7a35d6ed2edd8e39aa2823e3ba3fdfbc673

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: origin, content-type, accept
date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 3462350
x-cache: HIT, HIT
content-length: 872
last-modified: Tue, 23 Mar 2021 00:03:29 GMT
server: UploadServer
etag: "23c273a9f4f6680ed47fe83e9f68e47c"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
x-hash: crc32c=KA8Nvg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 13:16:01 GMT

GET
H2 200 Sustainable-Icon-24x24.svg
sqy7rm.media.zestyio.com/ 1 KB
933 B 8ms
5ms Image
image/svg+xml 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Sustainable-Icon-24x24.svg
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a6be138938d984e8c10dec4d55ae5b228f17c92ee02cab20fde11dc66e7828b2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: origin, content-type, accept
date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1753034
x-cache: HIT, HIT
content-length: 689
last-modified: Tue, 23 Mar 2021 00:04:53 GMT
server: UploadServer
etag: "dad9ac0348535f954a203ce08280dd71"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
x-hash: crc32c=NiHaPg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Feb 2023 08:04:37 GMT

GET
H2 200 CryptoIcon--1-.svg
sqy7rm.media.zestyio.com/ 4 KB
2 KB 10ms
8ms Image
image/svg+xml 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/CryptoIcon--1-.svg
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e44e306e5b4a97134efdfae048a945c7f5149007df4c189f174cb08b1d81133b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: origin, content-type, accept
date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 3488307
x-cache: HIT, HIT
content-length: 2010
last-modified: Sat, 19 Mar 2022 22:55:55 GMT
server: UploadServer
etag: "f1f1247626ac8be534d804582e0b8962"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
x-hash: crc32c=CVoKxA==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 06:03:25 GMT

GET
H2 200 Acorns-Logo-With-Text-2022.svg
sqy7rm.media.zestyio.com/ 12 KB
6 KB 8ms
6ms Image
image/svg+xml 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Acorns-Logo-With-Text-2022.svg
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a345c970494710261e47692b0b1067a67c2a3ad6f318677aa53615b26d730d28

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: origin, content-type, accept
date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1729142
x-cache: HIT, HIT
content-length: 5534
last-modified: Sat, 26 Mar 2022 00:49:35 GMT
server: UploadServer
etag: "885a010bc5039da0cb066799441c5654"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
x-hash: crc32c=xHiEmA==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Feb 2023 14:42:50 GMT

GET
H2 200 Acorns-Logo-No-Text-Updt-2022.svg
sqy7rm.media.zestyio.com/ 12 KB
6 KB 8ms
6ms Image
image/svg+xml 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Acorns-Logo-No-Text-Updt-2022.svg
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8079a353a5c1162151c2f582b9604eadcbee46ba4ec0124bc0afeb898d98765c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: origin, content-type, accept
date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 5214323
x-cache: HIT, HIT
content-length: 5652
last-modified: Sat, 26 Mar 2022 00:58:19 GMT
server: UploadServer
etag: "2a63966f5fc4e064e0f189284f79ea6f"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
x-hash: crc32c=Dpuarg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:36:29 GMT

GET
H2 200 Envoy-Home-Hero-2.png
sqy7rm.media.zestyio.com/ 3 KB
3 KB 21ms
8ms Image
image/webp 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Envoy-Home-Hero-2.png?width=50&fit=bounds
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 295696e28d5eeecf685825f1435d2c124a2c2e5368bd3f34d61821c32ae4c65a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
via: 1.1 varnish, 1.1 varnish
age: 1723750
x-cache: HIT, HIT
fastly-io-info: ifsz=474109 idim=1500x948 ifmt=png ofsz=3270 odim=50x32 ofmt=webp
x-guploader-response-body-transformations: gunzipped
fastly-stats: io=1
content-length: 3270
server: UploadServer
etag: "OEUahdpeEog5mOtLBFwa0bBN9Ea2IohpIiVm+uhXCyQ"
vary: Accept
warning: 214 UploadServer gunzipped
content-type: image/webp
access-control-allow-origin: *
x-hash: crc32c=b5/f5Q==
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Feb 2023 16:12:42 GMT

GET
H2 200 Envoy-Home-Hero-Mobile.png
sqy7rm.media.zestyio.com/ 4 KB
4 KB 27ms
14ms Image
image/webp 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Envoy-Home-Hero-Mobile.png?width=50&fit=bounds
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2d7682cac32a8f223208b6511817e870d52e306fc0d58e1c48dcc7e037a98976

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
via: 1.1 varnish, 1.1 varnish
age: 4231070
x-cache: HIT, HIT
fastly-io-info: ifsz=144432 idim=640x1167 ifmt=png ofsz=4366 odim=50x91 ofmt=webp
x-guploader-response-body-transformations: gunzipped
fastly-stats: io=1
content-length: 4366
server: UploadServer
etag: "ZS0LiOcaFHSnHG9nr+fAvIK4AbhO2QKGWe9+fSkqnM0"
vary: Accept
warning: 214 UploadServer gunzipped
content-type: image/webp
access-control-allow-origin: *
x-hash: crc32c=Lokw+A==
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 16 Jan 2023 15:44:01 GMT

GET
H2 200 Envoy-Home-Hero-Subs-Carousel-Icon-1.svg
sqy7rm.media.zestyio.com/ 975 B
506 B 22ms
9ms Image
image/svg+xml 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Envoy-Home-Hero-Subs-Carousel-Icon-1.svg
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0b595dfd05d9cdd5ee752924ede31787e76af6bb348e72a2f43870a5a847ca75

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: origin, content-type, accept
date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 4237365
x-cache: HIT, HIT
content-length: 390
last-modified: Mon, 13 Jun 2022 20:55:33 GMT
server: UploadServer
etag: "250f675d72ee19851be81796848c336c"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
x-hash: crc32c=dUyy8Q==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 16 Jan 2023 13:59:07 GMT

GET
H2 200 Envoy-Home-Hero-Subs-Carousel-Icon-2.svg
sqy7rm.media.zestyio.com/ 2 KB
835 B 25ms
13ms Image
image/svg+xml 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Envoy-Home-Hero-Subs-Carousel-Icon-2.svg
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8311a776c5a7cfe3c6ae9ca3786b2a7451a94d1120413541eab75f651b6cfb3b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: origin, content-type, accept
date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1672170
x-cache: HIT, HIT
content-length: 695
last-modified: Mon, 13 Jun 2022 20:55:33 GMT
server: UploadServer
etag: "b96db965af94de18393538a4fa9f5a9e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
x-hash: crc32c=mtdF+A==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 06:32:21 GMT

GET
H2 200 Envoy-Home-Hero-Subs-Carousel-Icon-3.svg
sqy7rm.media.zestyio.com/ 2 KB
1 KB 21ms
8ms Image
image/svg+xml 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Envoy-Home-Hero-Subs-Carousel-Icon-3.svg
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: da907d461569c62968aaf23080b068a05e9f8e3a296f242c5882880003d9d888

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: origin, content-type, accept
date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1741453
x-cache: HIT, HIT
content-length: 930
last-modified: Mon, 13 Jun 2022 20:55:33 GMT
server: UploadServer
etag: "8b579c345625542b07c18af26f6d1a6e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
x-hash: crc32c=7OBeZQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Feb 2023 11:17:39 GMT

GET
H2 200 Envoy-Home-Hero-Subs-Carousel-Icon-4.png
sqy7rm.media.zestyio.com/ 704 B
1 KB 20ms
7ms Image
image/webp 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Envoy-Home-Hero-Subs-Carousel-Icon-4.png
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 952c3304ae0979a82e4e53cc49d7172f544974adfbc5808623eaa190b125a9ec

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
via: 1.1 varnish, 1.1 varnish
age: 4143535
x-cache: HIT, HIT
fastly-io-info: ifsz=1123 idim=48x48 ifmt=png ofsz=704 odim=48x48 ofmt=webp
x-guploader-response-body-transformations: gunzipped
fastly-stats: io=1
content-length: 704
server: UploadServer
etag: "l7ElGjE+VQ64TTEknw6a+DnXCy3wRbvuo4/ePMyiAP4"
vary: Accept
warning: 214 UploadServer gunzipped
content-type: image/webp
access-control-allow-origin: *
x-hash: crc32c=B/EM9A==
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Jan 2023 16:02:57 GMT

GET
H2 200 Envoy-Home-Personal-Investing--1-.png
sqy7rm.media.zestyio.com/ 23 KB
24 KB 21ms
9ms Image
image/webp 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Envoy-Home-Personal-Investing--1-.png
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7caf2ffab2b945584b22795222c15f55b167d58891bbc7a9279e2c15801a1d0f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
via: 1.1 varnish, 1.1 varnish
age: 2949692
x-cache: HIT, HIT
fastly-io-info: ifsz=30113 idim=1195x1079 ifmt=png ofsz=23656 odim=1195x1079 ofmt=webp
x-guploader-response-body-transformations: gunzipped
fastly-stats: io=1
content-length: 23656
server: UploadServer
etag: "db9rv72hYDb1IrZiKrJby5WbbqVb42Dk99qsRv9CzpQ"
vary: Accept
warning: 214 UploadServer gunzipped
content-type: image/webp
access-control-allow-origin: *
x-hash: crc32c=vxawdQ==
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 11:40:20 GMT

GET
H2 200 Envoy-Home-Later--1-.png
sqy7rm.media.zestyio.com/ 22 KB
22 KB 26ms
14ms Image
image/webp 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Envoy-Home-Later--1-.png
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a2f8546640817d5f53cfd1a24fc5b20d91d8a8fbe63e4c799d0394c6e7e4d42d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
via: 1.1 varnish, 1.1 varnish
age: 4782190
x-cache: HIT, HIT
fastly-io-info: ifsz=29010 idim=1195x1079 ifmt=png ofsz=22508 odim=1195x1079 ofmt=webp
x-guploader-response-body-transformations: gunzipped
fastly-stats: io=1
content-length: 22508
server: UploadServer
etag: "fcn/mK/4ctXIrfkquyqvaJ4oRqn3uuWh38YjAXEWPWg"
vary: Accept
warning: 214 UploadServer gunzipped
content-type: image/webp
access-control-allow-origin: *
x-hash: crc32c=MgjBjw==
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Jan 2023 06:38:41 GMT

GET
H2 200 Envoy-Home-Early--1-.png
sqy7rm.media.zestyio.com/ 25 KB
25 KB 17ms
6ms Image
image/webp 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Envoy-Home-Early--1-.png
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7ab366f44b70a0614d8da647ee1b296e4493cfd414c12996d3f6b31bd8b0a494

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
via: 1.1 varnish, 1.1 varnish
age: 4175256
x-cache: HIT, HIT
fastly-io-info: ifsz=32222 idim=1195x1079 ifmt=png ofsz=25398 odim=1195x1079 ofmt=webp
x-guploader-response-body-transformations: gunzipped
fastly-stats: io=1
content-length: 25398
server: UploadServer
etag: "+XzJ6YTBp0hnvs7isJEriS7ASLovmemBV7XXRndBCpE"
vary: Accept
warning: 214 UploadServer gunzipped
content-type: image/webp
access-control-allow-origin: *
x-hash: crc32c=cCbXUg==
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Jan 2023 07:14:16 GMT

GET
H2 200 Envoy-Home-Banking--1-.png
sqy7rm.media.zestyio.com/ 25 KB
26 KB 28ms
15ms Image
image/webp 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Envoy-Home-Banking--1-.png
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 50d260c2bdcd019b2ffa054f88f0c2c646acea7bc87d7f34985980661c1cb6b5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
via: 1.1 varnish, 1.1 varnish
age: 2329327
x-cache: HIT, HIT
fastly-io-info: ifsz=33267 idim=1195x1079 ifmt=png ofsz=25874 odim=1195x1079 ofmt=webp
x-guploader-response-body-transformations: gunzipped
fastly-stats: io=1
content-length: 25874
server: UploadServer
etag: "lPzDUH8hTZ142+1AFUAFkbErJU7F4Vd/1hWrYpmrqtE"
vary: Accept
warning: 214 UploadServer gunzipped
content-type: image/webp
access-control-allow-origin: *
x-hash: crc32c=PspopA==
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Feb 2023 15:59:44 GMT

GET
H2 200 Envoy-Home-Hero-Subs-Icon-1.svg
sqy7rm.media.zestyio.com/ 14 KB
5 KB 27ms
15ms Image
image/svg+xml 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Envoy-Home-Hero-Subs-Icon-1.svg
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 98e83da38f5b35d0406dfcb897da76d523d1061095f8925e17489cbebddc8ba8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: origin, content-type, accept
date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 4170513
x-cache: HIT, HIT
content-length: 5247
last-modified: Mon, 13 Jun 2022 20:55:34 GMT
server: UploadServer
etag: "68f1281fa617aab6cdcdf3ebeabc068f"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
x-hash: crc32c=ahCY+w==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Jan 2023 08:33:18 GMT

GET
H2 200 Envoy-Home-Hero-Subs-Icon-2.png
sqy7rm.media.zestyio.com/ 22 KB
22 KB 31ms
19ms Image
image/webp 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Envoy-Home-Hero-Subs-Icon-2.png
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c8543898bb9ac66af54b902b4e5f1df174bd02ac3738f5c9cac37607a4c17c72

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
via: 1.1 varnish, 1.1 varnish
age: 3449088
x-cache: HIT, HIT
fastly-io-info: ifsz=33850 idim=270x181 ifmt=png ofsz=22178 odim=270x181 ofmt=webp
x-guploader-response-body-transformations: gunzipped
fastly-stats: io=1
content-length: 22178
server: UploadServer
etag: "QWWdlan+peYfAN0Dfur3bjrJ4kcsAP8fYL60htM2HrY"
vary: Accept
warning: 214 UploadServer gunzipped
content-type: image/webp
access-control-allow-origin: *
x-hash: crc32c=HLTOHQ==
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 16:57:03 GMT

GET
H2 200 card--banking-.png
sqy7rm.media.zestyio.com/ 10 KB
10 KB 27ms
15ms Image
image/webp 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/card--banking-.png
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d23ce381e31531a28268dd17e8a5043e894577a94b3297b944ff4413ef2733c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
via: 1.1 varnish, 1.1 varnish
age: 2272728
x-cache: HIT, HIT
fastly-io-info: ifsz=18521 idim=250x291 ifmt=png ofsz=10298 odim=250x291 ofmt=webp
x-guploader-response-body-transformations: gunzipped
fastly-stats: io=1
content-length: 10298
server: UploadServer
etag: "LPhr3rMboP6Fu1jraOj8Pv1E4el1/7h5FjJm6lbZGpc"
vary: Accept
warning: 214 UploadServer gunzipped
content-type: image/webp
access-control-allow-origin: *
x-hash: crc32c=BTEIDQ==
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Feb 2023 07:43:04 GMT

GET
H2 200 card--learn-.png
sqy7rm.media.zestyio.com/ 2 KB
2 KB 32ms
21ms Image
image/webp 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/card--learn-.png
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: eb5c65ff584eb31f5566b9b2e994b5f6d2159646b29c5f1dbfb76c1a71ad3d30

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
via: 1.1 varnish, 1.1 varnish
age: 4167996
x-cache: HIT, HIT
fastly-io-info: ifsz=5369 idim=160x160 ifmt=png ofsz=2314 odim=160x160 ofmt=webp
x-guploader-response-body-transformations: gunzipped
fastly-stats: io=1
content-length: 2314
server: UploadServer
etag: "+2x2lrrslDADu3sqhJWwdk/AMMpLj6sBSFFJPdqZlY8"
vary: Accept
warning: 214 UploadServer gunzipped
content-type: image/webp
access-control-allow-origin: *
x-hash: crc32c=dSBcUg==
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Jan 2023 09:15:16 GMT

GET
H2 200 Envoy-Home-Hero-Subs-Icon-5.png
sqy7rm.media.zestyio.com/ 2 KB
2 KB 48ms
37ms Image
image/webp 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Envoy-Home-Hero-Subs-Icon-5.png
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c21cfe877411ab0b04a6e1d75eefc95379274af637e75d1df1da45ec0b2b5769

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
via: 1.1 varnish, 1.1 varnish
age: 3538979
x-cache: HIT, HIT
fastly-io-info: ifsz=4886 idim=270x181 ifmt=png ofsz=2158 odim=270x181 ofmt=webp
x-guploader-response-body-transformations: gunzipped
fastly-stats: io=1
content-length: 2158
server: UploadServer
etag: "gwgsi830DDJLnPY6XjA09Ik96f4Ls/IABS877VHzX1M"
vary: Accept
warning: 214 UploadServer gunzipped
content-type: image/webp
access-control-allow-origin: *
x-hash: crc32c=pqTRmQ==
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 15:58:53 GMT

GET
H2 200 Envoy-Home-Hero-Subs-Icon-6.png
sqy7rm.media.zestyio.com/ 11 KB
12 KB 26ms
15ms Image
image/webp 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Envoy-Home-Hero-Subs-Icon-6.png
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b9af77cdf60c23bce4e0e0380f02192bee73f67a6cd50fdd5633cab3e6f011e1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
via: 1.1 varnish, 1.1 varnish
age: 7795588
x-cache: HIT, HIT
fastly-io-info: ifsz=20259 idim=250x291 ifmt=png ofsz=11604 odim=250x291 ofmt=webp
x-guploader-response-body-transformations: gunzipped
fastly-stats: io=1
content-length: 11604
server: UploadServer
etag: "eN1s+gL0TAgk8YwkmA45i2DhGWsjsdQJ2bIv69MCQA8"
vary: Accept
warning: 214 UploadServer gunzipped
content-type: image/webp
access-control-allow-origin: *
x-hash: crc32c=s/6gaw==
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Dec 2022 09:35:23 GMT

GET
H2 200 Envoy-Home-CLIR-1.png
sqy7rm.media.zestyio.com/ 4 KB
4 KB 33ms
22ms Image
image/webp 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Envoy-Home-CLIR-1.png?width=50&fit=bounds
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 12763d57730d65fed3ec1f483cd6d3b7af10882ad2716e7f41b4829c5b8d8ddb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
via: 1.1 varnish, 1.1 varnish
age: 2336182
x-cache: HIT, HIT
fastly-io-info: ifsz=113537 idim=1024x870 ifmt=png ofsz=4092 odim=50x42 ofmt=webp
x-guploader-response-body-transformations: gunzipped
fastly-stats: io=1
content-length: 4092
server: UploadServer
etag: "mS82JCZVCSWPDxp8fRrgqdax1Dyk3YX/4RDcBw62M+0"
vary: Accept
warning: 214 UploadServer gunzipped
content-type: image/webp
access-control-allow-origin: *
x-hash: crc32c=tItApQ==
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Feb 2023 14:05:29 GMT

GET
H2 200 Envoy-Home-ILCR-1.png
sqy7rm.media.zestyio.com/ 4 KB
5 KB 29ms
18ms Image
image/webp 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Envoy-Home-ILCR-1.png?width=50&fit=bounds
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8d64e644c033429943fff149c3eea2c7a247b5b286b2bdcd757db2ce50435eb8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
via: 1.1 varnish, 1.1 varnish
age: 1730972
x-cache: HIT, HIT
fastly-io-info: ifsz=130093 idim=1024x919 ifmt=png ofsz=4598 odim=50x45 ofmt=webp
x-guploader-response-body-transformations: gunzipped
fastly-stats: io=1
content-length: 4598
server: UploadServer
etag: "U/oYcSZonwD7np75euyjFUPcbyXbR4xv62zw8RXVqpY"
vary: Accept
warning: 214 UploadServer gunzipped
content-type: image/webp
access-control-allow-origin: *
x-hash: crc32c=bvj7eg==
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Feb 2023 14:12:19 GMT

GET
H2 200 Envoy-Home-CLIR-2.png
sqy7rm.media.zestyio.com/ 4 KB
4 KB 43ms
32ms Image
image/webp 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Envoy-Home-CLIR-2.png?width=50&fit=bounds
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c0864bc7356d9693ebc6e61de0bb1addcfd2693bf3dc8406404d49ea7e4aad79

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
via: 1.1 varnish, 1.1 varnish
age: 1760211
x-cache: HIT, HIT
fastly-io-info: ifsz=87814 idim=1024x766 ifmt=png ofsz=3838 odim=50x37 ofmt=webp
x-guploader-response-body-transformations: gunzipped
fastly-stats: io=1
content-length: 3838
server: UploadServer
etag: "oViYDE5D4P+BYA5SNNFTWTx+XSuGTnTUt3P35ra0G7U"
vary: Accept
warning: 214 UploadServer gunzipped
content-type: image/webp
access-control-allow-origin: *
x-hash: crc32c=LsinJA==
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Feb 2023 06:05:01 GMT

GET
H2 200 Envoy-Home-Potential.png
sqy7rm.media.zestyio.com/ 3 KB
3 KB 29ms
18ms Image
image/webp 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Envoy-Home-Potential.png?width=50&fit=bounds
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c02f494e516bb37b59fdabb0c3ae0b6bf320499f1e1d0e28983f608c8b59bd3b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
via: 1.1 varnish, 1.1 varnish
age: 1666716
x-cache: HIT, HIT
fastly-io-info: ifsz=197589 idim=590x899 ifmt=png ofsz=3224 odim=50x76 ofmt=webp
x-guploader-response-body-transformations: gunzipped
fastly-stats: io=1
content-length: 3224
server: UploadServer
etag: "g5YSAb5agk7NTwma7RCqufVu+hJTSaS7Nu9kW17Q60M"
vary: Accept
warning: 214 UploadServer gunzipped
content-type: image/webp
access-control-allow-origin: *
x-hash: crc32c=ElBNRg==
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 08:03:15 GMT

GET
H2 200 Env-Home-Highlighted-Text-1-Updt.png
sqy7rm.media.zestyio.com/ 72 KB
73 KB 33ms
22ms Image
image/webp 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Env-Home-Highlighted-Text-1-Updt.png
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: bee3ca5a85a9f5922139374e7aa578064bbf4dd94836604028c965daa003e9ef

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
via: 1.1 varnish, 1.1 varnish
age: 535105
x-cache: HIT, HIT
fastly-io-info: ifsz=81140 idim=352x526 ifmt=png ofsz=74136 odim=352x526 ofmt=webp
x-guploader-response-body-transformations: gunzipped
fastly-stats: io=1
content-length: 74136
server: UploadServer
etag: "bsoWg9+BFoVUXiFiD+Yyssmzez4YrSRN4SCgImC4iik"
vary: Accept
warning: 214 UploadServer gunzipped
content-type: image/webp
access-control-allow-origin: *
x-hash: crc32c=ZLeQjw==
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Feb 2023 10:23:27 GMT

GET
H2 200 Envoy-Home-Highlighted-Text-2.png
sqy7rm.media.zestyio.com/ 44 KB
44 KB 30ms
19ms Image
image/webp 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Envoy-Home-Highlighted-Text-2.png
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ebdc9773a057416bdff20d4743b9894a904c0466d8469ecc2b1b41b5eb57d3c4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
via: 1.1 varnish, 1.1 varnish
age: 4231071
x-cache: HIT, HIT
fastly-io-info: ifsz=49683 idim=420x312 ifmt=png ofsz=44546 odim=420x312 ofmt=webp
x-guploader-response-body-transformations: gunzipped
fastly-stats: io=1
content-length: 44546
server: UploadServer
etag: "uOsCELujdcQ/Y8WhKrteJfr2+hSnItkYccHEghsv72k"
vary: Accept
warning: 214 UploadServer gunzipped
content-type: image/webp
access-control-allow-origin: *
x-hash: crc32c=vGQRkw==
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 16 Jan 2023 15:44:01 GMT

GET
H2 200 Env-Home-Highlighted-Text-3-Updt.png
sqy7rm.media.zestyio.com/ 76 KB
77 KB 32ms
21ms Image
image/webp 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Env-Home-Highlighted-Text-3-Updt.png
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 015a773fd5c9fff88a47b3fd9606c59318d1be9a65ab873ec35e10f90ff8b606

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
via: 1.1 varnish, 1.1 varnish
age: 4177405
x-cache: HIT, HIT
fastly-io-info: ifsz=83674 idim=392x436 ifmt=png ofsz=78166 odim=392x436 ofmt=webp
x-guploader-response-body-transformations: gunzipped
fastly-stats: io=1
content-length: 78166
server: UploadServer
etag: "vNPrWWLRH3sqHN8kh+c+MDqhCmeJ2PZgf1Vh/NpEmBs"
vary: Accept
warning: 214 UploadServer gunzipped
content-type: image/webp
access-control-allow-origin: *
x-hash: crc32c=VFIMtg==
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Jan 2023 06:38:26 GMT

GET
H2 200 Envoy-Home-Highlighted-Text-4.png
sqy7rm.media.zestyio.com/ 71 KB
71 KB 33ms
22ms Image
image/webp 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Envoy-Home-Highlighted-Text-4.png
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ab31aaf1e9f55bad18ebd00651ecbd1a5dfae5f3307a8a6b1d73a9ac2d6f8f12

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
via: 1.1 varnish, 1.1 varnish
age: 4230256
x-cache: HIT, HIT
fastly-io-info: ifsz=77768 idim=420x577 ifmt=png ofsz=72746 odim=420x577 ofmt=webp
x-guploader-response-body-transformations: gunzipped
fastly-stats: io=1
content-length: 72746
server: UploadServer
etag: "7/uK2/2Yhmvpk2/v7ffxwd0s94GEOAfGs8ARb2ISVfE"
vary: Accept
warning: 214 UploadServer gunzipped
content-type: image/webp
access-control-allow-origin: *
x-hash: crc32c=CW5bRA==
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 16 Jan 2023 15:57:36 GMT

GET
H2 200 Press-Quote-Carousel-Phone-Image-Home.png
sqy7rm.media.zestyio.com/ 77 KB
78 KB 32ms
22ms Image
image/webp 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Press-Quote-Carousel-Phone-Image-Home.png
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3322b7121f031ac749179272e2d687b4d0a4e5319279dbe3e916cddcdf885642

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
via: 1.1 varnish, 1.1 varnish
age: 1136001
x-cache: HIT, HIT
fastly-io-info: ifsz=87266 idim=535x714 ifmt=png ofsz=79142 odim=535x714 ofmt=webp
x-guploader-response-body-transformations: gunzipped
fastly-stats: io=1
content-length: 79142
server: UploadServer
etag: "SC+xpNbqs5XhVP2dACFzkQb1EpHM1G3MKJ1W1wzWXS4"
vary: Accept
warning: 214 UploadServer gunzipped
content-type: image/webp
access-control-allow-origin: *
x-hash: crc32c=Uc31bQ==
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Feb 2023 11:28:30 GMT

GET
H2 200 Envoy-Home-Press-Quote-Plus.png
sqy7rm.media.zestyio.com/ 31 KB
31 KB 41ms
31ms Image
image/webp 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Envoy-Home-Press-Quote-Plus.png
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b9792c6132afafb298632395f335efeb91d3223163b1b7f3a1a60d79811fae4b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
via: 1.1 varnish, 1.1 varnish
age: 1753034
x-cache: HIT, HIT
fastly-io-info: ifsz=32437 idim=409x434 ifmt=png ofsz=31674 odim=409x434 ofmt=webp
x-guploader-response-body-transformations: gunzipped
fastly-stats: io=1
content-length: 31674
server: UploadServer
etag: "goVAnYFBSvDXaxyziorTyWfzO8ZQZbQPMJG8jYMtC9g"
vary: Accept
warning: 214 UploadServer gunzipped
content-type: image/webp
access-control-allow-origin: *
x-hash: crc32c=72Gy5Q==
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Feb 2023 08:04:37 GMT

GET
H2 200 Plus-Sign-Purple.svg
sqy7rm.media.zestyio.com/ 318 B
515 B 29ms
18ms Image
image/svg+xml 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Plus-Sign-Purple.svg
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c36cf13272dbdc6b91cf4e41e7fb31d7a72a9ad18f44d0d67724d859fb6f164b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: origin, content-type, accept
date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1206268
x-cache: HIT, HIT
content-length: 186
last-modified: Sat, 26 Feb 2022 00:53:25 GMT
server: UploadServer
etag: "4dbec122554c1deed72f0a6e4f3af681"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
x-hash: crc32c=32c+eQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 Feb 2023 15:57:23 GMT

GET
H2 200 Plus-Sign-White.svg
sqy7rm.media.zestyio.com/ 314 B
361 B 33ms
23ms Image
image/svg+xml 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Plus-Sign-White.svg
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 41c1b7f96412a3711a2bb5d81cf1c2b1c7d54cad6f69ce5ae5eefcd9244e6996

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: origin, content-type, accept
date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1758617
x-cache: HIT, HIT
content-length: 182
last-modified: Sat, 26 Feb 2022 00:53:25 GMT
server: UploadServer
etag: "2eb892863d10e9c31a4a8c0951d3818f"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
x-hash: crc32c=Tr+EQg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Feb 2023 06:31:34 GMT

GET
H2 200 Invest.svg
sqy7rm.media.zestyio.com/ 1 KB
760 B 33ms
23ms Image
image/svg+xml 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Invest.svg
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 38b2d6ca92e15cff0840b946dbce2fa02e74296d4dec31e9afd34ab34e827951

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: origin, content-type, accept
date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 3940712
x-cache: HIT, HIT
content-length: 476
last-modified: Tue, 15 Nov 2022 23:39:26 GMT
server: UploadServer
etag: "d970ab95773f3d5e1dff678d9fb7d0c7"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
x-hash: crc32c=4L/Uwg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Jan 2023 00:23:21 GMT

GET
H2 200 Spend.svg
sqy7rm.media.zestyio.com/ 783 B
494 B 33ms
23ms Image
image/svg+xml 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Spend.svg
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 460b698b052164e5c25e8da6f0e6a6a041c1f72052d16e2ec7d475784c83782d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: origin, content-type, accept
date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1670197
x-cache: HIT, HIT
content-length: 380
last-modified: Tue, 15 Nov 2022 23:39:26 GMT
server: UploadServer
etag: "c8819d124dd8cdebcda559583f7e1101"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
x-hash: crc32c=5SjfXQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 07:05:15 GMT

GET
H2 200 Benefits.svg
sqy7rm.media.zestyio.com/ 1 KB
772 B 33ms
23ms Image
image/svg+xml 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Benefits.svg
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 669258e2dd447f8a3f41014c1358c41ab506bacb94ecfa7d305b6d36c3dfbd51

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: origin, content-type, accept
date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 2942793
x-cache: HIT, HIT
content-length: 534
last-modified: Tue, 15 Nov 2022 23:39:26 GMT
server: UploadServer
etag: "d0c9190a5e8d71361972d84f513b1cf5"
vary: X-Goog-Allowed-Resources, Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
x-hash: crc32c=hn3iPw==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 13:35:19 GMT

GET
H2 200 Earn.svg
sqy7rm.media.zestyio.com/ 1 KB
937 B 35ms
25ms Image
image/svg+xml 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Earn.svg
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a323456e6ff4f742ba16fbd550200e39949761729da8a57442b6cbb7d7aad31d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: origin, content-type, accept
date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 3950861
x-cache: HIT, HIT
content-length: 654
last-modified: Tue, 15 Nov 2022 23:39:26 GMT
server: UploadServer
etag: "f15d0b4cf6bbaee63a7a9c61a8b0c585"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
x-hash: crc32c=1u+zGg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Jan 2023 21:34:10 GMT

GET
H2 200 Grow.SyIEQiZUj.svg
sqy7rm.media.zestyio.com/ 961 B
700 B 35ms
26ms Image
image/svg+xml 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Grow.SyIEQiZUj.svg
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e85a8c0eccc4a0555de8e39e6e1217a805825763ee1ad61c0b2f843df7095f5a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: origin, content-type, accept
date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 3476870
x-cache: HIT, HIT
content-length: 543
last-modified: Tue, 15 Nov 2022 23:39:26 GMT
server: UploadServer
etag: "5b50a46331dbe2b6b85aa0236a16a0a9"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
x-hash: crc32c=YA6YBQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 09:14:01 GMT

GET
H2 200 Tree-Asset.png
sqy7rm.media.zestyio.com/ 122 KB
123 KB 37ms
28ms Image
image/webp 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Tree-Asset.png
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b6a57771af3547b7747df54fdcbc55f4c46c09d88f36c2a6beda802c7f3df584

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
via: 1.1 varnish, 1.1 varnish
age: 1663179
x-cache: HIT, HIT
fastly-io-info: ifsz=132993 idim=800x743 ifmt=png ofsz=125310 odim=800x743 ofmt=webp
x-guploader-response-body-transformations: gunzipped
fastly-stats: io=1
content-length: 125310
server: UploadServer
etag: "1oMsJx8DzZujGwkIp9s5TuJD2+gI3ON9oE1wnYZApBk"
vary: Accept
warning: 214 UploadServer gunzipped
content-type: image/webp
access-control-allow-origin: *
x-hash: crc32c=qEGJmA==
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 09:02:13 GMT

GET
H2 200 Closing-Signup-Updt-202210-2.png
sqy7rm.media.zestyio.com/ 17 KB
17 KB 37ms
28ms Image
image/webp 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Closing-Signup-Updt-202210-2.png
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 87f9909a05ad4f2256522a593c47443c4ce62ec88f762ff8ff973becd05ef762

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
via: 1.1 varnish, 1.1 varnish
age: 1122013
x-cache: HIT, HIT
fastly-io-info: ifsz=32178 idim=540x330 ifmt=png ofsz=17348 odim=540x330 ofmt=webp
x-guploader-response-body-transformations: gunzipped
fastly-stats: io=1
content-length: 17348
server: UploadServer
etag: "Gtw/NDOx/SXFu2/X1b7azWvSzcwCk45G6iYjUy1RqOg"
vary: Accept
warning: 214 UploadServer gunzipped
content-type: image/webp
access-control-allow-origin: *
x-hash: crc32c=NPS+tQ==
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Feb 2023 15:21:38 GMT

GET
H2 200 Closing-Signup-Updt-Mob-202210-2.png
sqy7rm.media.zestyio.com/ 26 KB
26 KB 37ms
28ms Image
image/webp 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Closing-Signup-Updt-Mob-202210-2.png
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2399d2facc8dfea4b7e4ba6f868c41d7e5eb5eab4dcf3709c763cb2ffaf01514

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
via: 1.1 varnish, 1.1 varnish
age: 1209894
x-cache: HIT, HIT
fastly-io-info: ifsz=49808 idim=670x629 ifmt=png ofsz=26258 odim=670x629 ofmt=webp
x-guploader-response-body-transformations: gunzipped
fastly-stats: io=1
content-length: 26258
server: UploadServer
etag: "bhgOF0VYPvUCXFbuMzpORVmkTn1FBXYHOJgTbi1AANE"
vary: Accept
warning: 214 UploadServer gunzipped
content-type: image/webp
access-control-allow-origin: *
x-hash: crc32c=xpxgAw==
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 Feb 2023 14:56:58 GMT

GET
H2 200 Footer-Lifestyle.png
sqy7rm.media.zestyio.com/ 76 KB
76 KB 38ms
29ms Image
image/webp 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Footer-Lifestyle.png
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b9580de50cc77ba269dd28634f7ba278e2424952269a1fd3defcb76df82774cf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
via: 1.1 varnish, 1.1 varnish
age: 8206778
x-cache: HIT, HIT
fastly-io-info: ifsz=84349 idim=420x420 ifmt=png ofsz=77472 odim=420x420 ofmt=webp
x-guploader-response-body-transformations: gunzipped
fastly-stats: io=1
content-length: 77472
server: UploadServer
etag: "1ZOuQQ7JD14mtZTVLQ22mw4J9KvzZGdto64R/1IXVOM"
vary: Accept
warning: 214 UploadServer gunzipped
content-type: image/webp
access-control-allow-origin: *
x-hash: crc32c=7w9I2A==
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Dec 2022 15:22:14 GMT

GET
H2 200 Acorns-Footer-Logo-2x-2022.png
sqy7rm.media.zestyio.com/ 2 KB
2 KB 37ms
29ms Image
image/webp 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Acorns-Footer-Logo-2x-2022.png
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 873c88ff7bb7c09518e3a2a06a06a2719c3cabd1b0b4fd1ed3a1bc2269eb5b39

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
via: 1.1 varnish, 1.1 varnish
age: 4786738
x-cache: HIT, HIT
fastly-io-info: ifsz=4845 idim=260x70 ifmt=png ofsz=1676 odim=260x70 ofmt=webp
x-guploader-response-body-transformations: gunzipped
fastly-stats: io=1
content-length: 1676
server: UploadServer
etag: "tUiIbeYsVFkc++LTIsuTZ5xG4U/DsFxQauVSHkF7/t4"
vary: Accept
warning: 214 UploadServer gunzipped
content-type: image/webp
access-control-allow-origin: *
x-hash: crc32c=o+v1Pg==
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Jan 2023 05:22:54 GMT

GET
H2 200 Instagram.png
sqy7rm.media.zestyio.com/ 474 B
688 B 37ms
28ms Image
image/webp 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Instagram.png
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 4b036dd6e9efed652f0d3de0d9c0c6a90cdf52bcfb8c70528e327a2da25c64c3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
via: 1.1 varnish, 1.1 varnish
age: 4169244
x-cache: HIT, HIT
fastly-io-info: ifsz=1267 idim=36x36 ifmt=png ofsz=474 odim=36x36 ofmt=webp
x-guploader-response-body-transformations: gunzipped
fastly-stats: io=1
content-length: 474
server: UploadServer
etag: "36HhJYbTaly8fPfSSRaWaM8zcLjj2sb7Waga9cxi1Ew"
vary: Accept
warning: 214 UploadServer gunzipped
content-type: image/webp
access-control-allow-origin: *
x-hash: crc32c=amkUqQ==
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Jan 2023 08:54:28 GMT

GET
H2 200 Twitter.png
sqy7rm.media.zestyio.com/ 314 B
529 B 40ms
31ms Image
image/webp 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Twitter.png
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3aee60cca42f067e8cdcde810071fb3c6358107f64dbea07b7ddfa066c0cf37a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
via: 1.1 varnish, 1.1 varnish
age: 2942178
x-cache: HIT, HIT
fastly-io-info: ifsz=807 idim=32x27 ifmt=png ofsz=314 odim=32x27 ofmt=webp
x-guploader-response-body-transformations: gunzipped
fastly-stats: io=1
content-length: 314
server: UploadServer
etag: "Id5BHgWs39fuAReDIBAETQikIhoPojj7i+eBg8GxjG4"
vary: Accept
warning: 214 UploadServer gunzipped
content-type: image/webp
access-control-allow-origin: *
x-hash: crc32c=0MY+0g==
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 13:45:34 GMT

GET
H2 200 Facebook.png
sqy7rm.media.zestyio.com/ 208 B
472 B 40ms
31ms Image
image/webp 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Facebook.png
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: bab6f584235145000794b7e76bff95af18228137cb4f03a7036c9a91f3dd21c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
via: 1.1 varnish, 1.1 varnish
age: 2965621
x-cache: HIT, HIT
fastly-io-info: ifsz=409 idim=17x35 ifmt=png ofsz=208 odim=17x35 ofmt=webp
x-guploader-response-body-transformations: gunzipped
fastly-stats: io=1
content-length: 208
server: UploadServer
etag: "+HP6vl3gBdGRA93wwDEnhvMA3iCMdgp2qRaHbJLM5kg"
vary: Accept
warning: 214 UploadServer gunzipped
content-type: image/webp
access-control-allow-origin: *
x-hash: crc32c=xK/Gaw==
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 07:14:51 GMT

GET
H2 200 EqualWeb-ADA-icon-green.svg
sqy7rm.media.zestyio.com/ 1 KB
1 KB 40ms
32ms Image
image/svg+xml 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/EqualWeb-ADA-icon-green.svg
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7ee406b38fe02682ae8ddf93bb333ed6cb7ae197a8709669c38fcbdf2e5ab7fe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: origin, content-type, accept
date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 3454750
x-cache: HIT, HIT
content-length: 702
last-modified: Fri, 14 May 2021 21:28:54 GMT
server: UploadServer
etag: "bdac2dc9553d7284247686fb121d722a"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
x-hash: crc32c=TE6iPg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 15:22:42 GMT

OPTIONS
H2 204 /
api.rudderlabs.com/sourceConfig/ Frame 0
0 141ms
105ms Preflight 2600:9000:2251:c200:9:fddd:fc40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rudderlabs.com/sourceConfig/?p=cdn&v=1.26.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:c200:9:fddd:fc40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://citigroupstore.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin: *
access-control-max-age: 900
alt-svc: h3=":443"; ma=86400
date: Mon, 06 Mar 2023 14:01:52 GMT
vary: Origin
via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
x-amz-cf-id: _Wk6xkzUOGgq57FEXyo6peofJ9b3tP7WL4hXiuPUFXrH516Zktl6DQ==
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
x-request-id: 721c7f10-bc27-11ed-91b1-b7cc4fbbe6c5

OPTIONS
H2 200 page
acornsprod-dataplane.rudderstack.com/v1/ Frame 0
0 300ms
97ms Preflight 54.88.123.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://acornsprod-dataplane.rudderstack.com/v1/page
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.123.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-123-56.compute-1.amazonaws.com
Software: openresty/1.21.4.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: anonymousid,authorization,content-type
Access-Control-Request-Method: POST
Origin: https://citigroupstore.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Anonymousid, Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://citigroupstore.com
access-control-max-age: 900
content-length: 0
date: Mon, 06 Mar 2023 14:01:52 GMT
server: openresty/1.21.4.1
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 1 KB
785 B 24ms
16ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css

Requested by

Host: citigroupstore.com
URL: https://citigroupstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 907255
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 382
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-50a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QrClLvVEUDuIda2AjH0VORIFM%2BAiCNoEXhZFdK4rgOZPNvlI2sMEpm0ulPTLnv2n5un8TR135dR5AOf9PyeySohuPneQE04qiMbbFjgDUIP71WQIPnQGUU%2BcbpqJe%2FLEr0Rw2e04ZI1gsniz5FIm%2BB9L"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a3b2214680736dd-FRA
expires: Sat, 24 Feb 2024 14:01:52 GMT

GET
H2 200 91b50bbb-9aa1-4d54-9159-ec6f19d14a7c.woff
sqy7rm.media.zestyio.com/ 24 KB
24 KB 36ms
13ms Font
application/octet-stream 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sqy7rm.media.zestyio.com/91b50bbb-9aa1-4d54-9159-ec6f19d14a7c.woff
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/site.css?v=c83683c3fe5d1cc1173f08b178c6e4b5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 620660f45d9afea331852f7c4ef47e924069518bbf332b0fda09568f4f51bccf

Request headers

Referer
Origin: https://citigroupstore.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: origin, content-type, accept
date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 5269337
x-cache: HIT, HIT
content-length: 24620
last-modified: Tue, 07 Aug 2018 20:46:41 GMT
server: UploadServer
etag: "b1fa927e09042a5d5f0e6ae17920f48d"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/octet-stream
x-hash: crc32c=fYvpRw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Jan 2023 15:19:34 GMT

GET
H2 200 1e9892c0-6927-4412-9874-1b82801ba47a.woff
sqy7rm.media.zestyio.com/ 50 KB
49 KB 39ms
15ms Font
application/octet-stream 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sqy7rm.media.zestyio.com/1e9892c0-6927-4412-9874-1b82801ba47a.woff
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/site.css?v=c83683c3fe5d1cc1173f08b178c6e4b5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 92df2477b56afc4ce0ad3bea35184016a1eeea9d653c1e26087d91a582823988

Request headers

Referer
Origin: https://citigroupstore.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: origin, content-type, accept
date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1727340
x-cache: HIT, HIT
content-length: 49563
last-modified: Fri, 04 Aug 2017 22:37:57 GMT
server: UploadServer
etag: "f7dac33800c1d323931830719cf825ab"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/octet-stream
x-hash: crc32c=Fttf1g==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Feb 2023 15:12:52 GMT

GET
H2 200 f26faddb-86cc-4477-a253-1e1287684336.woff
sqy7rm.media.zestyio.com/ 43 KB
43 KB 30ms
7ms Font
application/octet-stream 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sqy7rm.media.zestyio.com/f26faddb-86cc-4477-a253-1e1287684336.woff
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/site.css?v=c83683c3fe5d1cc1173f08b178c6e4b5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b7a0651876c9cf7cb6fa7e0255a7c5133aaf309cc3007aef7e2d32ce325c6e9c

Request headers

Referer
Origin: https://citigroupstore.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: origin, content-type, accept
date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 3556616
x-cache: HIT, HIT
content-length: 43252
last-modified: Fri, 04 Aug 2017 23:25:58 GMT
server: UploadServer
etag: "8b3a494f9ba75e904bf84a1b374dca64"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/octet-stream
x-hash: crc32c=3rh4IQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 11:04:56 GMT

GET
H2 200 Env-Home-Press-Carousel-Arrow-Left.svg
sqy7rm.media.zestyio.com/ 475 B
412 B 9ms
9ms Image
image/svg+xml 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Env-Home-Press-Carousel-Arrow-Left.svg
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c09d1699a8d0284390d3f6b90203207781dbac9657ccf4eef0baaccc44aabb41

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: origin, content-type, accept
date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 3448693
x-cache: HIT, HIT
content-length: 219
last-modified: Tue, 14 Jun 2022 04:41:26 GMT
server: UploadServer
etag: "2412aa39e413487dd5d900bf1d8878b3"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
x-hash: crc32c=gwTwvg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 17:03:39 GMT

GET
H2 200 Env-Home-Press-Carousel-Arrow-Right.svg
sqy7rm.media.zestyio.com/ 461 B
580 B 8ms
8ms Image
image/svg+xml 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Env-Home-Press-Carousel-Arrow-Right.svg
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 35998e462f4b532bfb3640d61807c260438a8ebd4744ce48c5f808c956bd2685

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: origin, content-type, accept
date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 4056574
x-cache: HIT, HIT
content-length: 213
last-modified: Tue, 14 Jun 2022 04:41:25 GMT
server: UploadServer
etag: "be84b653f4e835d7a4ba09a783d2e05f"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
x-hash: crc32c=zzCM7w==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Jan 2023 16:12:18 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 346 KB
98 KB 54ms
33ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5Z5XQQ

Requested by

Host: citigroupstore.com
URL: https://citigroupstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f62992394f522180c0dcff26cdfb4793a71a7d8fa8c70f82f59126d7a3e4fd4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100376
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Mar 2023 14:01:52 GMT

GET
H2 200 / Show response
api.rudderlabs.com/sourceConfig/ 2 KB
1 KB 329ms
328ms XHR
application/json 2600:9000:2251:c200:9:fddd:fc40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rudderlabs.com/sourceConfig/?p=cdn&v=1.26.0

Requested by

Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v1/rudder-analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:c200:9:fddd:fc40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e955e09b23ecb5fe9d773cedff0af65c4925712c710ab696dce67de2388fb33d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
Authorization: Basic MW13eTF0VHJ1dDVQeFVvN3o3Nnp3TFhhT1dsOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 724822f0-bc27-11ed-9fe3-6b5d0346845e
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
x-amz-cf-id: J9wDV0vh8SmciVvLHMsBHAN1GRgcmKj-3k1AlZRDnqHpTUosUreaqw==

POST
H2 200 page Show response
acornsprod-dataplane.rudderstack.com/v1/ 2 B
178 B 110ms
109ms XHR
text/plain 54.88.123.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://acornsprod-dataplane.rudderstack.com/v1/page
Requested by: Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v1/rudder-analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.123.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-123-56.compute-1.amazonaws.com
Software: openresty/1.21.4.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
accept-language: de-DE,de;q=0.9
Authorization: Basic MW13eTF0VHJ1dDVQeFVvN3o3Nnp3TFhhT1dsOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
AnonymousId: NTEzOTAyY2QtYzI3Yi00NjIzLTkyZjAtYWIxMmY0ZmViOTUx
Content-Type: application/json

Response headers

access-control-allow-origin: https://citigroupstore.com
date: Mon, 06 Mar 2023 14:01:52 GMT
access-control-allow-credentials: true
server: openresty/1.21.4.1
content-length: 2
vary: Origin
content-type: text/plain; charset=utf-8

GET
H2 200 accessibility.js Show response
aacdn.nagich.com/core/4.2.1/ 40 KB
14 KB 286ms
257ms Script
application/javascript 2606:4700:20::ac43:44bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aacdn.nagich.com/core/4.2.1/accessibility.js

Requested by

Host: citigroupstore.com
URL: https://citigroupstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44bc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94f1964926df9e01f1b8c2b40636a3c9616cd062fc2ac065ad996d6fac47532e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://citigroupstore.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Mon, 29 Nov 2021 13:45:14 GMT
server: cloudflare
etag: W/"051ff5527e5d71:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6LMuK916qEXZL82tgUpTA4tseCFceqlF1ejd2jKGGs7b29uAzq0PXWIr%2FFq%2BELO7Y%2F7uvkzuejU9bMITIH38vZKlFEd3VDZ%2FnwWa56ua%2Fg5eMzkNICoBBHPEPt4zcH8xqJC93gfqtB%2F%2B5zj3lTM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2204800
access-control-allow-credentials: true
x-frame-options: deny
cf-ray: 7a3b22154cf93a67-FRA

GET
H2 200 Envoy-Home-Hero-2.png
sqy7rm.media.zestyio.com/ 398 KB
399 KB 10ms
9ms Image
image/webp 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sqy7rm.media.zestyio.com/Envoy-Home-Hero-2.png
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: de24e7ea7c4a5166b584f30f1b66aa204b25cceb0e1ba30a1391041ffccc0db8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
via: 1.1 varnish, 1.1 varnish
age: 1723749
x-cache: HIT, HIT
fastly-io-info: ifsz=474109 idim=1500x948 ifmt=png ofsz=407854 odim=1500x948 ofmt=webp
x-guploader-response-body-transformations: gunzipped
fastly-stats: io=1
content-length: 407854
server: UploadServer
etag: "fbE88DfL9mmA6JNm7Q0rQddpnqXE7w4qD9s5RBvjkBY"
vary: Accept
warning: 214 UploadServer gunzipped
content-type: image/webp
access-control-allow-origin: *
x-hash: crc32c=b5/f5Q==
access-control-expose-headers: Content-Type, Content-Length, authorization
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Feb 2023 16:12:42 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 25 KB
9 KB 34ms
16ms Script
application/javascript 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z5XQQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da9a77e15c8cbf2596563d3bc8020cc9e547d2b99976a0b77f5eeadf1c492feb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Ewgd1d1Vp0nFNYpIMiFTtA==
age: 75319
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 8460
x-ms-lease-status: unlocked
last-modified: Thu, 02 Mar 2023 20:31:12 GMT
server: cloudflare
etag: 0x8DB1B5D10AED08B
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: fa531f66-201e-0068-45ee-4d86b7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7a3b22160eae2c65-FRA

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
13ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1659095512&t=pageview&_s=1&dl=https%3A%2F%2Fcitigroupstore.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Acorns%20-%20Invest%2C%20Earn%2C%20Grow%2C%20Spend%2C%20Later%20%7C%20Acorns%20%7C%20Acorns&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6HDACEABBAAAACAAI~&jid=1196774&gjid=1878959384&cid=121335352.1678111312&tid=UA-46142661-9&_gid=161947696.1678111312&_r=1&gtm=45He3310n715Z5XQQ&cd5=203886ee-48b1-4382-a631-96ceb405c22c&cd6=121335352.1678111312&z=1105803360

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 14:01:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://citigroupstore.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 48ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z5XQQ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 06 Mar 2023 14:01:51 GMT
last-modified: Thu, 16 Feb 2023 18:31:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FF290B766C7841B5B9AE8FEF84AE340E Ref B: FRAEDGE1306 Ref C: 2023-03-06T14:01:52Z
etag: "8072cff03442d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11894

GET
H2 200 A356617-654d-4f72-a649-40b4707b47911.js Show response
d.impactradius-event.com/ 43 KB
14 KB 417ms
217ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.impactradius-event.com/A356617-654d-4f72-a649-40b4707b47911.js
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 8fc757445da0f8965e037b9356b36c72ee70a180c85c19c919c385882db54c0e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ADPycdshwfREnZMZwp8ei36920-kU88vJAmgiRyOHLOHXgu4lm2zUAE9cLVHZCe3dNjVtdNBWVGn7dF8wgmdg-lnyGTywe6VDp9K
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14070
last-modified: Tue, 14 Feb 2023 16:21:34 GMT
server: UploadServer
etag: "c132299532e77a096758d8d22f34fea4"
vary: Accept-Encoding
x-goog-generation: 1676391694676566
x-goog-hash: crc32c=0WeYig==, md5=wTIplTLneglnWNjSLzT+pA==
access-control-allow-origin: *
content-type: text/javascript; charset=utf-8
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 14070
accept-ranges: bytes
expires: Mon, 06 Mar 2023 14:06:52 GMT

GET
H/1.1 200
OK events.js Show response
tags.srv.stackadapt.com/ 17 KB
6 KB 417ms
106ms Script
text/javascript 18.210.93.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.93.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-93-189.compute-1.amazonaws.com
Software: /
Resource Hash: d540bec104470694d94b61c36029b7c94da26f8c91829e7aec8f5278eb9d0794

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 06 Mar 2023 14:01:52 GMT
Cache-Control: max-age=5
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 5415
Content-Type: text/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
71 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N6KB6DJJP1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z5XQQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e9e8291b576550c05afce1c5de197c4fabd3759caf4cd18b2321e3c6ce66c887

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 72802
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 06 Mar 2023 14:01:52 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 19ms
18ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-46142661-9&cid=121335352.1678111312&jid=1196774&gjid=1878959384&_gid=161947696.1678111312&_u=6HDACEABBAAAACAAI~&z=448762090

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 06 Mar 2023 14:01:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://citigroupstore.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 eae71e22-a1b0-429b-9b8a-acb716371a70.json Show response
cdn.cookielaw.org/consent/eae71e22-a1b0-429b-9b8a-acb716371a70/ 4 KB
2 KB 70ms
55ms XHR
application/x-javascript 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/eae71e22-a1b0-429b-9b8a-acb716371a70/eae71e22-a1b0-429b-9b8a-acb716371a70.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca385f414de44ac6289a7054a11f3d46edeee2a9f914e468ffacc6db178c62aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-md5: l+OFoqsDGNuyOJl+/4Jrdw==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1496
x-ms-lease-status: unlocked
last-modified: Thu, 22 Dec 2022 18:08:23 GMT
server: cloudflare
etag: 0x8DAE447843CC3E4
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 71f4208a-801e-0148-7434-50ac2e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7a3b22164f223a74-FRA
expires: Tue, 07 Mar 2023 14:01:52 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 56ms
55ms Image
image/gif 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-46142661-9&cid=121335352.1678111312&jid=1196774&_u=6HDACEABBAAAACAAI~&z=1593630295

Requested by

Host: citigroupstore.com
URL: https://citigroupstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 14:01:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 57ms
56ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-46142661-9&cid=121335352.1678111312&jid=1196774&_u=6HDACEABBAAAACAAI~&z=1593630295

Requested by

Host: citigroupstore.com
URL: https://citigroupstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 14:01:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
255 B 36ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-N6KB6DJJP1&gtm=45je3310&_p=1659095512&_gaz=1&cid=121335352.1678111312&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1678111312&sct=1&seg=0&dl=https%3A%2F%2Fcitigroupstore.com%2F&dt=Acorns%20-%20Invest%2C%20Earn%2C%20Grow%2C%20Spend%2C%20Later%20%7C%20Acorns%20%7C%20Acorns&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N6KB6DJJP1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 14:01:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://citigroupstore.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 19ms
19ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N6KB6DJJP1&cid=121335352.1678111312&gtm=45je3310&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N6KB6DJJP1&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 14:01:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://citigroupstore.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 55ms
55ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N6KB6DJJP1&cid=121335352.1678111312&gtm=45je3310&aip=1&z=979514294

Requested by

Host: citigroupstore.com
URL: https://citigroupstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 14:01:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 187016961.js Show response
bat.bing.com/p/action/ 0
118 B 109ms
109ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/187016961.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 06 Mar 2023 14:01:52 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B3CB8CB2B68C4969A3BCC9E25B1A4A38 Ref B: FRAEDGE1306 Ref C: 2023-03-06T14:01:52Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
285 B 35ms
35ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=187016961&tm=gtm002&Ver=2&mid=42cbe6b9-9bb3-4ac5-9852-5bd6b316b18e&sid=72300fd0bc2711edbb269b27cb972476&vid=72300810bc2711ed8c0d67c1351bcb14&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Acorns%20-%20Invest,%20Earn,%20Grow,%20Spend,%20Later%20%7C%20Acorns%20%7C%20Acorns&p=https%3A%2F%2Fcitigroupstore.com%2F&r=&lt=1429&evt=pageLoad&sv=1&rn=493435

Requested by

Host: citigroupstore.com
URL: https://citigroupstore.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Mar 2023 14:01:52 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 36A9D831C1004ADDAB403BB8E09EBC15 Ref B: FRAEDGE1306 Ref C: 2023-03-06T14:01:52Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 66 B
308 B 54ms
29ms XHR
application/json 2606:4700:4400::ac40:9062
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 7a3b2216cf2d3a9e-FRA
access-control-allow-headers: Content-Type

GET
H2 200 style.css Show response
aacdn.nagich.com/style/ 18 KB
4 KB 262ms
262ms Fetch
text/css 2606:4700:20::ac43:44bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aacdn.nagich.com/style/style.css

Requested by

Host: aacdn.nagich.com
URL: https://aacdn.nagich.com/core/4.2.1/accessibility.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44bc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29c62fe219558442e22e79ca385b4b5edccea5b24d4836f2478118ec1c465249

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sun, 02 Oct 2022 09:01:39 GMT
server: cloudflare
etag: W/"809b15953dd6d81:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nv9cRklJmCK9jV7EFgdz4H%2Fe2HRoN5S4kjn5fLmAIlSWIo3qxutrwyV0rfV0HTZqCj9TrF7m52xV34WhnbrAABe0K%2BN5piDMhvH6A1fDVNBSZAZSADptSEmh0svrVG91ZBlJeecmb9WhN1mKSMQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2204800
access-control-allow-credentials: true
x-frame-options: deny
cf-ray: 7a3b2216ff743a67-FRA

GET
H2 200 btncolor.css Show response
aacdn.nagich.com/style/ 107 B
430 B 258ms
257ms Fetch
text/css 2606:4700:20::ac43:44bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aacdn.nagich.com/style/btncolor.css

Requested by

Host: aacdn.nagich.com
URL: https://aacdn.nagich.com/core/4.2.1/accessibility.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44bc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b074fbf6834f2d4b30c89feeebfae88f9723b6e3d722f8b88ce4bdbe61b933a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Mon, 11 Feb 2019 11:17:50 GMT
server: cloudflare
etag: W/"4c2a96cfbc1d41:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w28O5sdibZY8qsWEgE4RNRqQTm5ASR%2F67zWR%2B4h0MKtZsAfgp9Wv%2BpegrQFVWNJv4K38xt99tmSRCts%2Ba0cnjPveLhnXzvvowdgQ%2FytY5BAR5mvnfEZ%2BsPs82tvA%2FaGVRxUWNgN4oweaZ2itSuc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2204800
access-control-allow-credentials: true
x-frame-options: deny
cf-ray: 7a3b2216ff773a67-FRA

GET
H2 200 en.json Show response
aacdn.nagich.com/assets/locale/ 810 B
720 B 74ms
74ms Fetch
application/json 2606:4700:20::ac43:44bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aacdn.nagich.com/assets/locale/en.json

Requested by

Host: aacdn.nagich.com
URL: https://aacdn.nagich.com/core/4.2.1/accessibility.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44bc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a59881aae83948c79aad351b6c2b206f08360449c9a47e725f4523b57c5d5e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Tue, 15 Jun 2021 15:40:09 GMT
server: cloudflare
etag: W/"f45920b9fc61d71:0"
x-frame-options: deny
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kUU3NpPKxgeOnAdGdEs%2BPH32dIzVaVaUbDsPBeVyPtlrOPTzuIDiMfLMg%2FEug0AhSV0%2B86T9JtUQ06kgx8QkvINxS3j6OpmlD9a5UQxNEroRJoNqZk%2BWyKhRZcwo5SGKse7k94OrAed%2Fyn0y8vE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2204800
access-control-allow-credentials: true
cf-ray: 7a3b2216ff783a67-FRA

GET
H2 200 pdf.js Show response
aacdn.nagich.com/assets/scripts/ 7 KB
2 KB 261ms
260ms Fetch
application/javascript 2606:4700:20::ac43:44bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aacdn.nagich.com/assets/scripts/pdf.js

Requested by

Host: aacdn.nagich.com
URL: https://aacdn.nagich.com/core/4.2.1/accessibility.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44bc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

581d447eb6b75fffeb4a8fc041bebca5158f0f41aa368fb6ef0c1690ae5000a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sun, 23 Feb 2020 12:50:59 GMT
server: cloudflare
etag: W/"80fb6ce547ead51:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uhVz4Zt60uGsoV5iCI8MUn0eB3A57%2FlI8FH1opByzOSTb6KN5Mh5w%2FJ1R9F8m4JZrZOYpnjkgc7Tc0JuZQHUwxmdl5tak9ft2a1azqq1FM5UlnrEvmdiXmdQWPFIKjgWvBUVBKjBq301nEVQ55U%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2204800
access-control-allow-credentials: true
x-frame-options: deny
cf-ray: 7a3b2216ff793a67-FRA

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202211.1.0/ 383 KB
92 KB 16ms
16ms Script
application/javascript 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff3565cc93cf3c21b441dd5911de725fb55e4d203cfe380ea1b70adfc9c7504b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 9qSRvp3H9roScfT6qXUxeQ==
age: 73017
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 93485
x-ms-lease-status: unlocked
last-modified: Thu, 15 Dec 2022 13:30:03 GMT
server: cloudflare
etag: 0x8DADEA07933BD54
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e3dbcf52-f01e-014c-2807-1159ac000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7a3b22170fff2c65-FRA

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/eae71e22-a1b0-429b-9b8a-acb716371a70/63e36d5c-9d93-4f16-b177-04f849f7a394/ 78 KB
17 KB 53ms
53ms Fetch
application/x-javascript 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/eae71e22-a1b0-429b-9b8a-acb716371a70/63e36d5c-9d93-4f16-b177-04f849f7a394/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e275b4808fc80a08b74a08cf9473dae9a8f9950b63c52278bfbb60a41ef0b7a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-md5: D0N15PQH4KNkhnzOB6AyGA==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 17163
x-ms-lease-status: unlocked
last-modified: Thu, 22 Dec 2022 18:08:28 GMT
server: cloudflare
etag: 0x8DAE44786B778CD
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c71bfded-401e-0138-3734-50dfea000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7a3b2217381a3a74-FRA
expires: Tue, 07 Mar 2023 14:01:52 GMT

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202211.1.0/assets/v2/ 61 KB
13 KB 40ms
39ms Fetch
application/json 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.1.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40c8084ce459211c73bf91eaa18b6152cc5fc9e29245dcec381da35ee51334b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: DNL7D9cwlU7yFZUg2W8ZNA==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12540
x-ms-lease-status: unlocked
last-modified: Thu, 15 Dec 2022 13:29:57 GMT
server: cloudflare
etag: 0x8DADEA0758F35B0
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 3de73254-c01e-0129-4edd-4fe8f1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7a3b2217a8913a74-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202211.1.0/assets/ 21 KB
4 KB 40ms
40ms Fetch
text/css 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 Mar 2023 14:01:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: XcxlleAcPGO2n5kTZrHH2Q==
x-ms-lease-status: unlocked
last-modified: Thu, 15 Dec 2022 13:30:09 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 1c84d781-701e-00bc-60e0-4fcf97000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7a3b2217a8943a74-FRA

GET
H2 200 scevent.min.js Show response
sc-static.net/ 30 KB
14 KB 94ms
46ms Script
application/javascript 18.164.48.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z5XQQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.48.241 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-48-241.cdg50.r.cloudfront.net
Software: CloudFront /
Resource Hash: e2adb933987ecc1b413c1ad0d5024757f89f224afccc19d42f8c4c322aef7ea3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
via: 1.1 aa6aac7d06fbfacc7e809b87e595c5b6.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: CDG50-P4
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 13327
x-amz-cf-id: ZvnJJTrXXoP-W78WA1PjuwlbKMl7YGd8mJCJQdwCZPASWJeurtdnxA==

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 68ms
11ms Script
application/javascript 2a04:4e42:200::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z5XQQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 23 Jan 2023 21:56:14 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "03d5db9dfd00a5719bb4c9261e6fa1bb"
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7356

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 74ms
17ms Script
application/javascript 199.232.16.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z5XQQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.16.157 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-vie6331-VIE

GET
H/1.1 200
OK tv2track.js Show response
collector-4820.tvsquared.com/ 20 KB
9 KB 510ms
111ms Script
application/javascript 18.219.174.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-4820.tvsquared.com/tv2track.js
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.219.174.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-219-174-229.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 06 Mar 2023 14:01:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Dec 2022 10:04:48 GMT
Server: nginx
ETag: "639c42c0-2133"
Content-Type: application/javascript
Cache-Control: max-age=600
Connection: keep-alive
X-Robots-Tag: noindex
Content-Length: 8499
Expires: Mon, 06 Mar 2023 14:11:53 GMT

GET
H2 200 dpm_pixel_min.js Show response
c.tvpixel.com/js/current/ 103 KB
32 KB 50ms
7ms Script
application/javascript 2600:9000:225e:bc00:1d:bf0a:0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tvpixel.com/js/current/dpm_pixel_min.js?aid=acorns-4298a50a-95ea-4164-bad1-f9fe765ec939
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z5XQQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:bc00:1d:bf0a:0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 61d8137d275f12306e177bc726c2b3e072f9efa4743a0ace6ecbcf7a0932fd07

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: oMk5SFqHXboEDRm2.vDWImtx_4ARYxEl
content-encoding: gzip
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
date: Sun, 05 Mar 2023 19:43:54 GMT
last-modified: Thu, 16 Sep 2021 18:14:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 65879
etag: W/"08e770c8a17bf087d50cec01af0892c2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 3mJWLNgmsEoYOFzqv_iNTJoCIfjvYAiKkRPbBD-Cd-dkSpLZYhu1Zw==

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 273ms
149ms Script
application/javascript 95.101.75.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C4TRCGP6H18A0MH1Q8I0&lib=ttq
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-136.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9e48d9757e43846a6ccaf92f00e07fdb2080ae1d9d16b794eadb6d6503b94827

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-akamai-request-id: db9679a1.136c7473
date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-202-121-136.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 114,23.202.121.136
server-timing: cdn-cache; desc=MISS, edge; dur=100, origin; dur=14, inner; dur=3
content-length: 1106
pragma: no-cache
server: nginx
x-tt-logid: 20230306140152872074CFB184330C9E31
x-cache-remote: TCP_MISS from a23-39-229-22.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 15,23.39.229.22
x-tt-trace-host: 019fd80e76e1929b5b163e31a01375ecba87ac7255488f85425761a408cceeff61670abf633cf2a7178a7ae48ea42bc7ec6d81a0b2339fa2344bbde4bbfb06acc9846237c305bca059a77b10f6ff9c0c8e12ef27210c1c9e0388537094b02daad3892d1ea644e45c8c95ae7aaa465b355c
expires: Mon, 06 Mar 2023 14:01:52 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 273ms
149ms Script
application/javascript 95.101.75.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C551IJ800UN7QUNFF4OG&lib=ttq
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-136.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d2fd363aebc49c4cc78f603d888d42ed72500b3c83cb844c1ecd78101e9f47ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-akamai-request-id: 2d4aa5aa.136c7475
date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-202-121-136.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 116,23.202.121.136
server-timing: cdn-cache; desc=MISS, edge; dur=111, origin; dur=5, inner; dur=3
content-length: 1109
pragma: no-cache
server: nginx
x-tt-logid: 20230306140152BEA311117AFD93636F26
x-cache-remote: TCP_MISS from a23-62-155-142.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 5,23.62.155.142
x-tt-trace-host: 019fd80e76e1929b5b163e31a01375ecba87ac7255488f85425761a408cceeff61e768543fe7e762ee0f6ea5a0b4d326a6e43268a1de32def1ece537f3efd69671d56a0948d28b4e15bcf6df885559230ebfef86a9c74ae25c416e0e60932ab87d83b75cbe07d7e17d0c97dad371cd8043
expires: Mon, 06 Mar 2023 14:01:52 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 275ms
153ms Script
application/javascript 95.101.75.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C553833G5HFBPDLNLF4G&lib=ttq
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-136.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d0d31977fe5498c885a003b37ea4f543ee0e8c9f395e6529b813172b63ac4f46

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-akamai-request-id: 767b3d1d.136c7476
date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-202-121-136.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 116,23.202.121.136
server-timing: cdn-cache; desc=MISS, edge; dur=109, origin; dur=10, inner; dur=3
content-length: 1108
pragma: no-cache
server: nginx
x-tt-logid: 20230306140152880467DCBA61581BC176
x-cache-remote: TCP_MISS from a23-39-229-45.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 11,23.39.229.45
x-tt-trace-host: 019fd80e76e1929b5b163e31a01375ecba87ac7255488f85425761a408cceeff61d42fdf4bc08952928b759e942a5adae814ad0c75fd675e052051641a6358f2b3476470f151631a772b0c35abb6485c1a755c4becc1a3963bbe91f65d72fbccd424f57a0e382d3cf326078cc382fd1ded
expires: Mon, 06 Mar 2023 14:01:52 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 221ms
147ms Script
application/javascript 95.101.75.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C554HR000UN7QUNFFK40&lib=ttq
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-136.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: eabc5bb8293c2e08ad33de276a64b8fcbb310069344f0e9ce94a1d3b378145fc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-akamai-request-id: 2d4ad17d.136c7477
date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-202-121-136.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 113,23.202.121.136
server-timing: cdn-cache; desc=MISS, edge; dur=107, origin; dur=7, inner; dur=2
content-length: 1139
pragma: no-cache
server: nginx
x-tt-logid: 202303061401528BF5F34D63785027CAFB
x-cache-remote: TCP_MISS from a23-62-155-142.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.62.155.142
x-tt-trace-host: 019fd80e76e1929b5b163e31a01375ecba87ac7255488f85425761a408cceeff61e768543fe7e762ee0f6ea5a0b4d326a6cf568ed755b2a2bfa39f7de572c235c5e9038d99cb3d24046f75e5ee9abec0af8b7fc91f2a1493f76f1441764b952dd1f7aef12d3b0a7e121ac6d5f863fd82cf
expires: Mon, 06 Mar 2023 14:01:52 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 222ms
162ms Script
application/javascript 95.101.75.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C55585JG5HFBPDLNLOCG&lib=ttq
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-136.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6c4889799f568be158575967f9986b7f4eb084f6313e6596851dcc1e6369cfe1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-akamai-request-id: db96888d.136c7474
date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-202-121-136.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 129,23.202.121.136
server-timing: cdn-cache; desc=MISS, edge; dur=111, origin; dur=18, inner; dur=3
content-length: 1108
pragma: no-cache
server: nginx
x-tt-logid: 2023030614015277390ED11EA63419A062
x-cache-remote: TCP_MISS from a23-39-229-22.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 18,23.39.229.22
x-tt-trace-host: 019fd80e76e1929b5b163e31a01375ecba87ac7255488f85425761a408cceeff61670abf633cf2a7178a7ae48ea42bc7ece29b0cdd36a2cd417034c29481e1bafc67c2ad938555e05c6840922f8dc1c65adbcd8e3a578150282f6447aa19d1c1673bc763a973576fd811add0e9ac2fa8dd
expires: Mon, 06 Mar 2023 14:01:52 GMT

GET
H2 200 ping.min.js Show response
cdn.pdst.fm/ 26 KB
6 KB 64ms
7ms Script
application/javascript 35.244.142.80
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pdst.fm/ping.min.js
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 80.142.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 13:14:58 GMT
content-encoding: gzip
age: 2814
x-guploader-uploadid: ADPycdvCcM0Fkq8ME_hBOraeMRb8qebR8Z1JH8MSo0sqabj4GPPm7-QBbYubJIiLaHm3240oEl3fZOUxwDUhU_mQfcjCKED19I4z
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5774
last-modified: Fri, 28 May 2021 20:34:03 GMT
server: UploadServer
etag: "d001d1c9f5a942fa5524eeacb047e819"
vary: Accept-Encoding
x-goog-generation: 1622234043862937
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5774
accept-ranges: bytes
content-type: application/javascript;
expires: Mon, 06 Mar 2023 14:14:58 GMT

GET
H2 200 d2a51cf8-ae26-476d-90d6-15577b334259-latest.js Show response
d2hrivdxn8ekm8.cloudfront.net/tag-manager/ 2 KB
2 KB 37ms
7ms Script
application/javascript 2600:9000:223f:600:17:3f5c:f800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hrivdxn8ekm8.cloudfront.net/tag-manager/d2a51cf8-ae26-476d-90d6-15577b334259-latest.js
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:600:17:3f5c:f800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5062fa0943966c77dc24e0285fc79ee36e63499221bf722d141d46b1604e7059

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: D2ba482km3yE.Q5vvitT0uRSo_uiMV6F
date: Mon, 06 Mar 2023 03:28:14 GMT
via: 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
last-modified: Tue, 25 Oct 2022 19:16:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 38019
x-amz-server-side-encryption: AES256
etag: "bd55b008074631fb3722ef3883766f69"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 1614
x-amz-cf-id: OvvpuGrJEt4xuoothtORKL1-bVKuMOAGJrIAi8P-4nm7q9PBIRkt4w==

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=15687583&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D15687583%26t%3D1

0
1 KB

14ms
14ms

Script
application/javascript

185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D15687583%26t%3D1

Requested by

Host: citigroupstore.com
URL: https://citigroupstore.com/

Protocol

HTTP/1.1

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Mar 2023 14:01:52 GMT
AN-X-Request-Uuid: a8cd80bd-851b-46bb-96cd-a68eec57233b
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/javascript; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.64.151.67; 217.64.151.67; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Date: Mon, 06 Mar 2023 14:01:52 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.64.151.67; 217.64.151.67; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ba8e481e-638d-45fe-9413-b1b519a1ba04
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D15687583%26t%3D1
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
76 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8QNLD90GTB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z5XQQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b815f4028c148f82e0dfe1df4547d8ce0a01b8c264c000665b913ef299560e40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78087
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 06 Mar 2023 14:01:52 GMT

GET kpi
pixel.pointmediatracker.com/ 0
0

GET
H/1.1

200

rs
tags.w55c.net/
Redirect Chain

https://tags.w55c.net/rs?id=e32f39edb7d04b5da4e7315de9538eaf&t=homepage&gtmcb=207119292
https://tags.w55c.net/rs?sccid=348d8dd4-6182-b5d3-9dd2-73424d1fc45f&scc=1&id=e32f39edb7d04b5da4e7315de9538eaf&t=homepage&gtmcb=207119292

42 B
580 B

7ms
7ms

Image
image/gif

35.156.234.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.w55c.net/rs?sccid=348d8dd4-6182-b5d3-9dd2-73424d1fc45f&scc=1&id=e32f39edb7d04b5da4e7315de9538eaf&t=homepage&gtmcb=207119292

Requested by

Host: citigroupstore.com
URL: https://citigroupstore.com/

Protocol

HTTP/1.1

Server

35.156.234.106 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-234-106.eu-central-1.compute.amazonaws.com

Software

Retargeting/v2.0.30-769-g9857bbc#rel-ec2-master i-0f1140a1efbb82097@eu-central-1a@dxedge-app-eu-central-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Mar 2023 14:01:52 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: Retargeting/v2.0.30-769-g9857bbc#rel-ec2-master i-0f1140a1efbb82097@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 06 Mar 2023 14:01:52 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: Retargeting/v2.0.30-769-g9857bbc#rel-ec2-master i-0f1140a1efbb82097@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://tags.w55c.net/rs?sccid=348d8dd4-6182-b5d3-9dd2-73424d1fc45f&scc=1&id=e32f39edb7d04b5da4e7315de9538eaf&t=homepage&gtmcb=207119292
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

rs
tags.w55c.net/
Redirect Chain

https://tags.w55c.net/rs?id=3d8d9cf507da43849ba6240d648eb887&t=homepage&gtmcb=1201455173
https://tags.w55c.net/rs?sccid=5e09f727-0124-ed08-e238-76587692bc6d&scc=1&id=3d8d9cf507da43849ba6240d648eb887&t=homepage&gtmcb=1201455173

42 B
580 B

8ms
8ms

Image
image/gif

35.156.234.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.w55c.net/rs?sccid=5e09f727-0124-ed08-e238-76587692bc6d&scc=1&id=3d8d9cf507da43849ba6240d648eb887&t=homepage&gtmcb=1201455173

Requested by

Host: citigroupstore.com
URL: https://citigroupstore.com/

Protocol

HTTP/1.1

Server

35.156.234.106 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-234-106.eu-central-1.compute.amazonaws.com

Software

Retargeting/v2.0.30-769-g9857bbc#rel-ec2-master i-00e9cdd216e437ef6@eu-central-1b@dxedge-app-eu-central-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Mar 2023 14:01:52 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: Retargeting/v2.0.30-769-g9857bbc#rel-ec2-master i-00e9cdd216e437ef6@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 06 Mar 2023 14:01:52 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: Retargeting/v2.0.30-769-g9857bbc#rel-ec2-master i-04a4a3c9d6b291794@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://tags.w55c.net/rs?sccid=5e09f727-0124-ed08-e238-76587692bc6d&scc=1&id=3d8d9cf507da43849ba6240d648eb887&t=homepage&gtmcb=1201455173
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
488 B 37ms
37ms Fetch
image/svg+xml 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 Mar 2023 14:01:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
x-ms-lease-status: unlocked
last-modified: Thu, 02 Mar 2023 20:31:14 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: c8303386-301e-007c-6be0-4f45d3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7a3b2217f9113a74-FRA

GET
H2 200 Full-2022.png
cdn.cookielaw.org/logos/3482d47f-b804-49de-9617-74e2b57a6e58/fe729cf5-7c93-4782-93da-e1bee09c5cec/2b4aaac2-6dc4-44f8-8d53-75d887703cb0/ 2 KB
3 KB 21ms
20ms Image
image/png 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/3482d47f-b804-49de-9617-74e2b57a6e58/fe729cf5-7c93-4782-93da-e1bee09c5cec/2b4aaac2-6dc4-44f8-8d53-75d887703cb0/Full-2022.png

Requested by

Host: citigroupstore.com
URL: https://citigroupstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

806b2861e7f56f4e033847f81273e9a53f7f7d17685e3546ca72b1878e0f8e9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 Mar 2023 14:01:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Q3Sm9YHxOU98l4IQWqVLYA==
age: 9475
content-length: 2410
x-ms-lease-status: unlocked
last-modified: Tue, 08 Nov 2022 15:14:15 GMT
server: cloudflare
etag: 0x8DAC19BE675C556
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 1205719e-501e-0023-4bd8-13b72d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7a3b2218098e2c65-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 17ms
17ms Image
image/svg+xml 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: citigroupstore.com
URL: https://citigroupstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 Mar 2023 14:01:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 65746
x-ms-lease-status: unlocked
last-modified: Thu, 02 Mar 2023 20:31:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 3f27bb0a-b01e-00e5-16ef-4dca11000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7a3b2218098f2c65-FRA

POST
H2 200 tp2 Show response
p.tvpixel.com/com.snowplowanalytics.snowplow/ 2 B
329 B 292ms
97ms XHR
text/plain 44.209.164.40
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: c.tvpixel.com
URL: https://c.tvpixel.com/js/current/dpm_pixel_min.js?aid=acorns-4298a50a-95ea-4164-bad1-f9fe765ec939
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.209.164.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-164-40.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://citigroupstore.com
date: Mon, 06 Mar 2023 14:01:53 GMT
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
server: nginx
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

OPTIONS
H2 200 tp2
p.tvpixel.com/com.snowplowanalytics.snowplow/ Frame 0
0 307ms
98ms Preflight 44.209.164.40
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.209.164.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-164-40.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://citigroupstore.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://citigroupstore.com
access-control-max-age: 600
content-length: 0
date: Mon, 06 Mar 2023 14:01:52 GMT
server: nginx

GET
H2 200 collect Show response
capi.acorns.com/g/ 65 B
547 B 181ms
124ms XHR
text/plain 216.239.36.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://capi.acorns.com/g/collect?v=2&tid=G-8QNLD90GTB&gtm=45je3310&_p=1659095512&cid=121335352.1678111312&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=DE&_s=1&uid=&sid=1678111312&sct=1&seg=0&dl=https%3A%2F%2Fcitigroupstore.com%2F&dt=Acorns%20-%20Invest%2C%20Earn%2C%20Grow%2C%20Spend%2C%20Later%20%7C%20Acorns%20%7C%20Acorns&en=page_view&_fv=1&_ss=1&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8QNLD90GTB&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.36.21 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

any-in-2415.1e100.net

Software

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://citigroupstore.com
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
157 B 132ms
102ms Image
image/gif 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1678111312704&id=t2_2ttedlir&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=04bb50f2-cad4-45ad-af2b-6295a094dabf&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_65e23bc4
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 adsct
t.co/1/i/ 43 B
377 B 217ms
137ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=59543057-7957-43d0-ae2d-2403cdb44c04&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=4e9df65b-c1fd-4064-a533-c575e2087bc1&tw_document_href=https%3A%2F%2Fcitigroupstore.com%2F&tw_iframe_status=0&txn_id=nzm8c&type=javascript&version=2.3.29

Requested by

Host: citigroupstore.com
URL: https://citigroupstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-response-time: 111
date: Mon, 06 Mar 2023 14:01:52 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: db3b3ec9415d6e8a
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 87ea7ec78a3ffbac98123fd878964a4932368fbe9090fc2f0c06e400816dc854
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
725 B 261ms
132ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=59543057-7957-43d0-ae2d-2403cdb44c04&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=4e9df65b-c1fd-4064-a533-c575e2087bc1&tw_document_href=https%3A%2F%2Fcitigroupstore.com%2F&tw_iframe_status=0&txn_id=nzm8c&type=javascript&version=2.3.29

Requested by

Host: citigroupstore.com
URL: https://citigroupstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-response-time: 106
date: Mon, 06 Mar 2023 14:01:52 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 79a78959e13a2f42
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 262a98ca245f2b9509263852e31e2f10d2c862dfa42459886a7143b829dcb973
content-length: 43

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 8E31 0
294 B 101ms
17ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=c8be0027-7179-4908-a50c-1de771b0e87e&u_scsid=2c7d6167-878c-462d-b523-28b5eff075e5&u_sclid=dd9be2be-a15d-4172-8c0c-bd883187cdcc

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Mon, 06 Mar 2023 14:01:52 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 c8be0027-7179-4908-a50c-1de771b0e87e.js Show response
tr.snapchat.com/config/com/ 144 B
533 B 32ms
18ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/c8be0027-7179-4908-a50c-1de771b0e87e.js

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

91c44feb9af817df60548c615bea818c54dfda4ebfe0b279eed691365a144dc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
Origin: https://citigroupstore.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google
server: API Gateway
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://citigroupstore.com
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 p
tr.snapchat.com/ 68 B
309 B 17ms
17ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=c8be0027-7179-4908-a50c-1de771b0e87e&ev=PAGE_VIEW&intg=gtm&pl=https%3A%2F%2Fcitigroupstore.com%2F&bt=1d53c387&if=false&m_dcl=1429&m_fcps=1386&m_pi=1415&m_pl=0&m_pv=v2&m_rd=1920&m_sl=1913&rf=&trackId=bcebd720-0cdc-41ac-bf47-ea214f27188d&ts=1678111312725&u_c1=9ee15e47-465b-4147-9b0b-2f273d5603c0&u_sclid=dd9be2be-a15d-4172-8c0c-bd883187cdcc&u_scsid=2c7d6167-878c-462d-b523-28b5eff075e5&v=2.0.0

Requested by

Host: citigroupstore.com
URL: https://citigroupstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68

GET
H2 200 d2a51cf8-ae26-476d-90d6-15577b334259-additional-latest.js Show response
d2hrivdxn8ekm8.cloudfront.net/tag-manager/ 9 KB
10 KB 8ms
7ms Script
application/javascript 2600:9000:223f:600:17:3f5c:f800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hrivdxn8ekm8.cloudfront.net/tag-manager/d2a51cf8-ae26-476d-90d6-15577b334259-additional-latest.js
Requested by: Host: d2hrivdxn8ekm8.cloudfront.net
URL: https://d2hrivdxn8ekm8.cloudfront.net/tag-manager/d2a51cf8-ae26-476d-90d6-15577b334259-latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:600:17:3f5c:f800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 78e9672575100d4950534555587df2617a9a6e21fc9ced07cd54b9726925585b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: 2gSkoDC.VPnX47toBq.FAoJSTPKAg98L
date: Mon, 06 Mar 2023 03:28:15 GMT
via: 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
last-modified: Mon, 31 Oct 2022 22:41:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 38018
etag: "8b6901ac0ab9b07d6c3b944472382162"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9471
x-amz-cf-id: H-AlArYlwWjGuaa92MzhXawRwEGUWU-ktCmOY3jxpKww7MnN6rXk2g==

GET
H2 200 tracker-latest.min.js Show response
d2hrivdxn8ekm8.cloudfront.net/ 9 KB
9 KB 6ms
6ms Script
application/javascript 2600:9000:223f:600:17:3f5c:f800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hrivdxn8ekm8.cloudfront.net/tracker-latest.min.js
Requested by: Host: d2hrivdxn8ekm8.cloudfront.net
URL: https://d2hrivdxn8ekm8.cloudfront.net/tag-manager/d2a51cf8-ae26-476d-90d6-15577b334259-latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:600:17:3f5c:f800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d670621488b45b33d1a17b5e1250319b2ce513ededb4dbec847284c35e06f3d1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: FtDzqVxCNLcLRbf2i_demDjaD8dXoTf8
date: Sun, 05 Mar 2023 23:28:40 GMT
via: 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
last-modified: Mon, 13 Feb 2023 23:38:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 52393
x-amz-server-side-encryption: AES256
etag: "85ac140eb3a9fcf2b232e66ca1c134c3"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
content-length: 9238
x-amz-cf-id: L44_yht-tpFW6FPSCVDvq5E7KCVxuHBICPiVg0njQhVuovvWCgfVOw==

POST
H2 204 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ 0
0 161ms
160ms Fetch
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by: Host: cdn.pdst.fm
URL: https://cdn.pdst.fm/ping.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: application/json
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
server: Google Frontend
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods: GET, POST
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: fb8cb5ba49468296808f45a29960911f
function-execution-id: zoaloopsl4xk
access-control-allow-headers: Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 0
0 153ms
129ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://citigroupstore.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 22
content-type: text/html; charset=utf-8
date: Mon, 06 Mar 2023 14:01:52 GMT
etag: W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
function-execution-id: djpotfimhdc8
server: Google Frontend
x-cloud-trace-context: 2a57512ec343095c4e0dc9c2511d4c04
x-powered-by: Express

GET
H2 200 5a28e627 Show response
dvqigh9b7wa32.cloudfront.net/ 43 B
494 B 84ms
21ms XHR
image/gif 13.224.194.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dvqigh9b7wa32.cloudfront.net/5a28e627?data=dmVyc2lvbj0xLjIuMTcmdG9rZW49ZDJhNTFjZjgtYWUyNi00NzZkLTkwZDYtMTU1NzdiMzM0MjU5JnNlc3Npb25JZD00MTkwODBmNi00MTA2LWY0NWUtOWI1OC1kMGYxNzIyMWI4MTU%3D&date=1678111312743
Requested by: Host: d2hrivdxn8ekm8.cloudfront.net
URL: https://d2hrivdxn8ekm8.cloudfront.net/tracker-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-15.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 04:05:15 GMT
via: 1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 35798
x-cache: Hit from cloudfront
content-length: 43
last-modified: Wed, 08 Mar 2017 06:19:28 GMT
server: AmazonS3
etag: "fb02f374b8f73825415db1bccd4bd76d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: ZXoO1kASpgAjOXvScptR2wOTeMWmaksMxCldgdQhiEUJ6YTIGXBGxA==

GET
H2 200 5a28e627 Show response
d330aiyvva2oww.cloudfront.net/ 43 B
494 B 37ms
11ms XHR
image/gif 2600:9000:2250:4600:3:760:2800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d330aiyvva2oww.cloudfront.net/5a28e627?data=aXB2Nj10cnVlJnZlcnNpb249MS4yLjE3JnRva2VuPWQyYTUxY2Y4LWFlMjYtNDc2ZC05MGQ2LTE1NTc3YjMzNDI1OSZzZXNzaW9uSWQ9NDE5MDgwZjYtNDEwNi1mNDVlLTliNTgtZDBmMTcyMjFiODE1&date=1678111312743
Requested by: Host: d2hrivdxn8ekm8.cloudfront.net
URL: https://d2hrivdxn8ekm8.cloudfront.net/tracker-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4600:3:760:2800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 35798
x-cache: Hit from cloudfront
content-length: 43
last-modified: Wed, 08 Mar 2017 06:19:28 GMT
server: AmazonS3
etag: "fb02f374b8f73825415db1bccd4bd76d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: HmnQpln6gY0aL_By9OxbMAuIlNN7Gr-4pjpBlEyiU86VwO1mtw6GWQ==

GET
H2 200 5a28e627 Show response
d1lu3pmaz2ilpx.cloudfront.net/ 43 B
452 B 40ms
14ms XHR
image/gif 2600:9000:225e:5800:17:f683:1d40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lu3pmaz2ilpx.cloudfront.net/5a28e627?data=dmVyc2lvbj0xLjIuMTcmdG9rZW49ZDJhNTFjZjgtYWUyNi00NzZkLTkwZDYtMTU1NzdiMzM0MjU5JnNlc3Npb25JZD00MTkwODBmNi00MTA2LWY0NWUtOWI1OC1kMGYxNzIyMWI4MTUmY29va2llU3VwcG9ydD1QRVJTSVNUJmV2ZW50PXBhZ2V2aWV3JiUyNG9zPVdpbmRvd3MmJTI0Y3VycmVudFVybD1odHRwcyUzQSUyRiUyRmNpdGlncm91cHN0b3JlLmNvbSUyRg%3D%3D&date=1678111312745
Requested by: Host: d2hrivdxn8ekm8.cloudfront.net
URL: https://d2hrivdxn8ekm8.cloudfront.net/tracker-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:5800:17:f683:1d40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:52 GMT
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 35798
x-cache: Hit from cloudfront
content-length: 43
last-modified: Wed, 08 Mar 2017 06:19:28 GMT
server: AmazonS3
etag: "fb02f374b8f73825415db1bccd4bd76d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
vary: Origin
accept-ranges: bytes
x-amz-cf-id: 26uDORzvHqWUHh0gXIcHp7vXlBVpaemWTMZJkaqXDSa70SmQ3pB4hg==

GET
H/1.1

200
OK

associate-segment
segment.prod.bidr.io/
Redirect Chain

https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-2452&value=&uncacheplz=4784734933
https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-2452&value=&uncacheplz=4784734933&_bee_ppp=1

43 B
796 B

31ms
30ms

Image
image/gif

54.194.143.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-2452&value=&uncacheplz=4784734933&_bee_ppp=1

Requested by

Host: citigroupstore.com
URL: https://citigroupstore.com/

Protocol

HTTP/1.1

Server

54.194.143.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-143-61.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
Date: Mon, 06 Mar 2023 14:01:52 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
content-type: image/gif
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-2452&value=&uncacheplz=4784734933&_bee_ppp=1
Date: Mon, 06 Mar 2023 14:01:52 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK sa.css
tags.srv.stackadapt.com/ 65 B
292 B 102ms
101ms Stylesheet
text/css 18.210.93.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.93.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-93-189.compute-1.amazonaws.com
Software: /
Resource Hash: 3f4d06afe580addbed449556098f7553b06b9ff84aff3c363044c0d8e24ea503

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 06 Mar 2023 14:01:52 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 65
Content-Type: text/css

GET
H/1.1 200
OK sa.jpeg Show response
tags.srv.stackadapt.com/ 0
881 B 392ms
98ms Fetch
image/jpeg 18.210.93.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.93.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-93-189.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 06 Mar 2023 14:01:53 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 651
Content-Type: image/jpeg

GET
H2 200 11.svg Show response
aacdn.nagich.com/assets/images/ 1017 B
935 B 259ms
258ms Fetch
image/svg+xml 2606:4700:20::ac43:44bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aacdn.nagich.com/assets/images/11.svg

Requested by

Host: aacdn.nagich.com
URL: https://aacdn.nagich.com/core/4.2.1/accessibility.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44bc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

247fc189082160e979e84de9e2a591da28319423bc1b706e9a99f2fe3bced7af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Thu, 01 Aug 2019 12:47:47 GMT
server: cloudflare
etag: W/"42b27526748d51:0"
x-frame-options: deny
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BCH12XsdfkDi5Hbontil77As3MThRttHdEhgybw4uWGuC%2BAJF36zVnjJtFHqAEUiUQStFjCg15oka%2F1jac0NTDSMIf6YMseF8Z76DtPub0HtP%2Be7wb%2FghCUxdW7I4rfiHWLNFGjIMoA0bgvYvzo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2204800
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 7a3b2218b9c83a67-FRA

GET
H/1.1 200
OK 1*1.gif
logs-01.loggly.com/inputs/9b965af4-52fb-46fa-be1b-8dc5fb0aad05/tag/jsinsight/ 0
0 408ms
99ms Image
text/html 52.73.201.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logs-01.loggly.com/inputs/9b965af4-52fb-46fa-be1b-8dc5fb0aad05/tag/jsinsight/1*1.gif?ver=U66&acid=A356617-654d-4f72-a649-40b4707b47911&type=UTT&msg=No%20campaign%20for%20landing%20page%3A%20https%3A%2F%2Fcitigroupstore.com%2F&event=identify()%20exit&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.177%20Safari%2F537.36
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.201.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-201-133.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 main.MTE3ZGZjMmFkMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 238 KB
65 KB 65ms
64ms Script
application/javascript 95.101.75.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C554HR000UN7QUNFFK40&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-136.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a6563f1b77608e27cb823aeea1c95a4db298557918d9ed6e8e9db5160d8aabdd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-akamai-request-id: 136c759c
date: Mon, 06 Mar 2023 14:01:52 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2023022114533631566DAE35773B26D8EF
vary: Accept-Encoding
x-cache: TCP_HIT from a23-202-121-136.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01abc58c4b10fe69c1c99360b280ab0776c162e63d812c829ea65d4256a058f99dc2426c8757d2f16c221f90176f823183f7b2828315e65026f506bb2881359c00c4b660d312698f705458373921b70b8d3c19bc8ecc444a6511fe367583cd74a6
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 66217

GET
H2 200 identify_cab4d.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 37ms
36ms Script
application/javascript 95.101.75.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_cab4d.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-136.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-akamai-request-id: 136c767e
date: Mon, 06 Mar 2023 14:01:53 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230221145329C2AC5C87B2EA7403619E
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-202-121-136.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01fb2008d572c9ff5d1f9424fcb9348065162e8473a37666c35249051ee117cf1906fd9aaf82c5badb64c4e1eeed3595aa78409ee0538675d2e98d7de544fe2e9041a66ebe5f77e01f45ac7defe08eb30c133cf7c263ce311af4e8799241117f7f
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=7
content-length: 30686

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
695 B 189ms
189ms Ping
text/plain 95.101.75.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-136.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: d558035f.136c76d7
date: Mon, 06 Mar 2023 14:01:53 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-202-121-136.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 152,23.202.121.136
server-timing: cdn-cache; desc=MISS, edge; dur=112, origin; dur=44, inner; dur=24
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202303061401533713D114B988CC5C35F6
x-cache-remote: TCP_MISS from a23-39-229-69.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 44,23.39.229.69
x-tt-trace-host: 019fd80e76e1929b5b163e31a01375ecba87ac7255488f85425761a408cceeff614dd85951b423e818fd12a531725c94df9abe26b3e1f73b9377b6092bc979fb81828743a284f39fec2d5073e7f8427edd4290366a4068b7466e579ff9b7b1d4ee8f1115f34de5faf2bbaf1015e1e43d34
expires: Mon, 06 Mar 2023 14:01:53 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
694 B 231ms
231ms Ping
text/plain 95.101.75.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-136.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 528d27b8.136c76d8
date: Mon, 06 Mar 2023 14:01:53 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-202-121-136.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 192,23.202.121.136
server-timing: cdn-cache; desc=MISS, edge; dur=102, origin; dur=94, inner; dur=78
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230306140153AF1A8B18A73F31795FE3
x-cache-remote: TCP_MISS from a23-39-229-76.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 94,23.39.229.76
x-tt-trace-host: 019fd80e76e1929b5b163e31a01375ecba87ac7255488f85425761a408cceeff6182a047c252be6c6306f9144cc3fc9022c55aad6b5e88bc648727da13e58e2ecf6f7ab3b65bf3f48385add14023afe50a0ed9a3c15847ebe36c5fbffa5bb0899d85f4feedab4d8964072d0ff4a823ee3d
expires: Mon, 06 Mar 2023 14:01:53 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
695 B 173ms
173ms Ping
text/plain 95.101.75.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-136.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 31b18d42.136c76d9
date: Mon, 06 Mar 2023 14:01:53 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-202-121-136.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 136,23.202.121.136
server-timing: cdn-cache; desc=MISS, edge; dur=102, origin; dur=38, inner; dur=24
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202303061401536C9773D0239649367111
x-cache-remote: TCP_MISS from a23-62-155-133.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 38,23.62.155.133
x-tt-trace-host: 019fd80e76e1929b5b163e31a01375ecba87ac7255488f85425761a408cceeff61b89a46b2e59a053afe5f6d963792ae3e5a1d481354f9f836ece25b604afaf567eccc1d287b2f5215295f16064dbe3e26913208901a4058cbbfc443baef86bb474202bc61542b10531a19939512fca870
expires: Mon, 06 Mar 2023 14:01:53 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
694 B 158ms
158ms Ping
text/plain 95.101.75.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-136.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: db968c20.136c76db
date: Mon, 06 Mar 2023 14:01:53 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-202-121-136.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 122,23.202.121.136
server-timing: cdn-cache; desc=MISS, edge; dur=102, origin; dur=24, inner; dur=17
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202303061401533B7CD8C8EEDF6817BAA5
x-cache-remote: TCP_MISS from a23-39-229-22.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 24,23.39.229.22
x-tt-trace-host: 019fd80e76e1929b5b163e31a01375ecba87ac7255488f85425761a408cceeff61670abf633cf2a7178a7ae48ea42bc7ec53b1d64ad294642b4741abb5fe516f40d6b18a5c9353e8bbe6293ec5e431d674c241ede63d38ad23793685eff671baa0b5c75b13a675668a3f612c8542f23d5c
expires: Mon, 06 Mar 2023 14:01:53 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
694 B 164ms
164ms Ping
text/plain 95.101.75.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-136.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 4ff4ced5.136c76dc
date: Mon, 06 Mar 2023 14:01:53 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-202-121-136.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 128,23.202.121.136
server-timing: cdn-cache; desc=MISS, edge; dur=102, origin; dur=30, inner; dur=18
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230306140153B0F5388649574B9EC3D6
x-cache-remote: TCP_MISS from a23-39-229-61.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 30,23.39.229.61
x-tt-trace-host: 019fd80e76e1929b5b163e31a01375ecba87ac7255488f85425761a408cceeff61b138742161bc581a3c3acf55f890ae3bac147738f4262ce739369b449c0dbafe4f115f07eb9fe710d9e584792fb842df5cbdf316182c3eba4f03e4989948492d209db00aeaa5610dcf7152372593ba19
expires: Mon, 06 Mar 2023 14:01:53 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
693 B 166ms
165ms Ping
text/plain 95.101.75.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-136.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: db968bef.136c76dd
date: Mon, 06 Mar 2023 14:01:53 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-202-121-136.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 126,23.202.121.136
server-timing: cdn-cache; desc=MISS, edge; dur=109, origin; dur=25, inner; dur=18
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230306140153B55911A35F995F39E017
x-cache-remote: TCP_MISS from a23-39-229-22.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 26,23.39.229.22
x-tt-trace-host: 019fd80e76e1929b5b163e31a01375ecba87ac7255488f85425761a408cceeff61670abf633cf2a7178a7ae48ea42bc7ec53b1d64ad294642b4741abb5fe516f409c1c01dbb75e645bb21d8481d150ab200566aab515bfb36ae72b32a6d22c60235684ddbf9cac2f227365727aff26d41a
expires: Mon, 06 Mar 2023 14:01:53 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
693 B 162ms
162ms Ping
text/plain 95.101.75.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-136.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 51e31d77.136c76df
date: Mon, 06 Mar 2023 14:01:53 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-202-121-136.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 121,23.202.121.136
server-timing: cdn-cache; desc=MISS, edge; dur=107, origin; dur=23, inner; dur=15
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230306140153966B3F08ABF18A165FD9
x-cache-remote: TCP_MISS from a23-39-229-31.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 23,23.39.229.31
x-tt-trace-host: 019fd80e76e1929b5b163e31a01375ecba87ac7255488f85425761a408cceeff6120fe26a13e9ea84401cc7531028ca3768aa981f3fca87274f821d405d29df2265910afee9703ba934937717bd02d9f1a405845667d0d2dddbf6f92b49bbcace1fbff247c4e53283c962f67fa7ceee670
expires: Mon, 06 Mar 2023 14:01:53 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
694 B 438ms
438ms Ping
text/plain 95.101.75.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-136.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 51e30f88.136c7713
date: Mon, 06 Mar 2023 14:01:53 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-202-121-136.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 368,23.202.121.136
server-timing: cdn-cache; desc=MISS, edge; dur=124, origin; dur=251, inner; dur=99
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230306140153910290383C87125FC3CA
x-cache-remote: TCP_MISS from a23-39-229-31.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 251,23.39.229.31
x-tt-trace-host: 019fd80e76e1929b5b163e31a01375ecba87ac7255488f85425761a408cceeff6120fe26a13e9ea84401cc7531028ca3767444d82806cd261ba69fbdd748b4019fb16bc8ce7ee9d7bc63fd47962902975b21d8e63960fcfd909c3b697582a5778fd7800052e8c662ecfab0456a93ca7694
expires: Mon, 06 Mar 2023 14:01:53 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
695 B 228ms
228ms Ping
text/plain 95.101.75.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-136.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 767b6724.136c7714
date: Mon, 06 Mar 2023 14:01:53 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-202-121-136.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 158,23.202.121.136
server-timing: cdn-cache; desc=MISS, edge; dur=128, origin; dur=37, inner; dur=16
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230306140153166C61E3C01CBA273316
x-cache-remote: TCP_MISS from a23-39-229-45.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 37,23.39.229.45
x-tt-trace-host: 019fd80e76e1929b5b163e31a01375ecba87ac7255488f85425761a408cceeff61d42fdf4bc08952928b759e942a5adae814ad0c75fd675e052051641a6358f2b3fa84b6092bbfc57aea5e8c4c7d44c3498f88d46ff15d15eab7f440c9d910d57cc050c415a2cc43b299e7a64f2c9b5e0d
expires: Mon, 06 Mar 2023 14:01:53 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
695 B 193ms
193ms Ping
text/plain 95.101.75.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-136.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 31b18cb1.136c7715
date: Mon, 06 Mar 2023 14:01:53 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-202-121-136.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 124,23.202.121.136
server-timing: cdn-cache; desc=MISS, edge; dur=105, origin; dur=26, inner; dur=15
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202303061401530CE1642F56B5E6DEAE71
x-cache-remote: TCP_MISS from a23-62-155-133.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 26,23.62.155.133
x-tt-trace-host: 019fd80e76e1929b5b163e31a01375ecba87ac7255488f85425761a408cceeff61b89a46b2e59a053afe5f6d963792ae3eafb0789125767e88b0374db8ab9a5c553811217a23b2252b48a004c76f74d6b5d9eba49fa6f3112085005cea9be2a3d7961bacf3698dd59a25c0fb636b83f34b
expires: Mon, 06 Mar 2023 14:01:53 GMT

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
363 B 461ms
97ms XHR
text/plain 54.84.230.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/9730220283.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.84.230.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-230-230.compute-1.amazonaws.com
Software: nginx/1.21.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 06 Mar 2023 14:01:53 GMT
Server: nginx/1.21.0
Content-Type: text/plain
Access-Control-Allow-Origin: https://citigroupstore.com
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: 73628ca0-f4dd-4881-b42d-62f6839403b2

GET
H/1.1 200
OK tv2track.php
collector-4820.tvsquared.com/ 42 B
276 B 112ms
112ms Image
image/gif 18.219.174.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector-4820.tvsquared.com/tv2track.php?action_name=Acorns%20-%20Invest%2C%20Earn%2C%20Grow%2C%20Spend%2C%20Later%20%7C%20Acorns%20%7C%20Acorns&idsite=TV-54187290-1&rec=1&r=753387&h=14&m=1&s=53&url=https%3A%2F%2Fcitigroupstore.com%2F&_id=6937b7df1042d459&_idts=1678111313&_idvc=0&_idn=1&_viewts=&cvar=%7B%225%22%3A%5B%22Site%20Visit%22%2C%22%7B%5C%22rev%5C%22%3A%5C%22%3CREVENUE%3E%5C%22%2C%5C%22prod%5C%22%3A%5C%22%3CPRODUCT%3E%5C%22%2C%5C%22id%5C%22%3A%5C%22%3CACTIONID%3E%5C%22%2C%5C%22promo%5C%22%3A%5C%22%3CPROMOCODE%3E%5C%22%7D%22%5D%7D&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&_cvar=%7B%225%22%3A%5B%22session%22%2C%22%7B%5C%22user%5C%22%3A%5C%22%3CUSERREF%3E%5C%22%7D%22%5D%7D&gt_ms=273
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.219.174.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-219-174-229.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Date: Mon, 06 Mar 2023 14:01:53 GMT
Server: nginx
Connection: keep-alive
Request-Id: 5a0587f9-8668-4b6a-9d43-361aeb85a704
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK tv2track.php
collector-4820.tvsquared.com/ 42 B
276 B 224ms
111ms Image
image/gif 18.219.174.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector-4820.tvsquared.com/tv2track.php?action_name=Acorns%20-%20Invest%2C%20Earn%2C%20Grow%2C%20Spend%2C%20Later%20%7C%20Acorns%20%7C%20Acorns&idsite=TV-54187290-1&rec=1&r=428114&h=14&m=1&s=53&url=https%3A%2F%2Fcitigroupstore.com%2F&_id=6937b7df1042d459&_idts=1678111313&_idvc=0&_idn=0&_viewts=&cvar=%7B%225%22%3A%5B%22%22%2C%22%22%5D%7D&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&_cvar=%7B%225%22%3A%5B%22session%22%2C%22%7B%5C%22user%5C%22%3A%5C%22%3CUSERREF%3E%5C%22%7D%22%5D%7D&gt_ms=273
Requested by: Host: citigroupstore.com
URL: https://citigroupstore.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.219.174.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-219-174-229.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Date: Mon, 06 Mar 2023 14:01:53 GMT
Server: nginx
Connection: keep-alive
Request-Id: e3cda8f5-c045-476a-bac7-bafb7494bf86
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK saq_pxl Show response
tags.srv.stackadapt.com/ 94 B
400 B 102ms
102ms XHR
text/plain 18.210.93.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=q8FmOe6z1kGX7LWy3w21PA&is_js=true&landing_url=https%3A%2F%2Fcitigroupstore.com%2F&t=Acorns%20-%20Invest%2C%20Earn%2C%20Grow%2C%20Spend%2C%20Later%20%7C%20Acorns%20%7C%20Acorns&tip=ouQJEBSVO5zvxmVRtRFLMGnT4UMVQZPGwI8A9zYksxs&host=https://citigroupstore.com&sa_conv_data_css_value=%20%220-b908b2fc-326f-59ba-6ff1-2f12b0279f38%22&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9494c9412bd1e48de49e267617e0d5b31d9409743&sa-user-id-v2=s%253AuQiy_DJvWbpv8S8SsCefONlAl0M.UyK%252BPrm2j6JxZonmGAMTjuUBnadJ2CN22jZMZ%252F8%252Fcac&sa-user-id=s%253A0-b908b2fc-326f-59ba-6ff1-2f12b0279f38.ujnJIa3W%252BuYXiRYinS1%252BFicAxoXUdtLn1lWXP9TFhZU
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.93.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-93-189.compute-1.amazonaws.com
Software: /
Resource Hash: 078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 06 Mar 2023 14:01:53 GMT
Access-Control-Allow-Methods: GET
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://citigroupstore.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 94

GET
H2 200 collect Show response
capi.acorns.com/g/ 65 B
418 B 315ms
315ms XHR
text/plain 216.239.36.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://capi.acorns.com/g/collect?v=2&tid=G-8QNLD90GTB&gtm=45je3310&_p=1659095512&cid=121335352.1678111312&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=DE&_s=2&uid=&sid=1678111312&sct=1&seg=0&dl=https%3A%2F%2Fcitigroupstore.com%2F&dt=Acorns%20-%20Invest%2C%20Earn%2C%20Grow%2C%20Spend%2C%20Later%20%7C%20Acorns%20%7C%20Acorns&en=PageView&ep.event_id=167811131213818&ep.x-fb-ud-external_id=&_et=2&up.x-fb-ud-external_id=&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8QNLD90GTB&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.36.21 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

any-in-2415.1e100.net

Software

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 14:01:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://citigroupstore.com
cache-control: no-cache
access-control-allow-credentials: true

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
363 B 97ms
97ms XHR
text/plain 54.84.230.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/9730220283.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.84.230.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-230-230.compute-1.amazonaws.com
Software: nginx/1.21.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 06 Mar 2023 14:01:54 GMT
Server: nginx/1.21.0
Content-Type: text/plain
Access-Control-Allow-Origin: https://citigroupstore.com
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: afb8089d-2556-4193-a51d-27a93c8505db

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pixel.pointmediatracker.com
URL: https://pixel.pointmediatracker.com/kpi?c=acorns&kpi=visit&tag_id=120&fpc=7572d227-b2e6-4945-92fb-6087294b8516&utm_source=undefined&utm_medium=undefined&utm_campaign=undefined&gtmcb=1767903863

Verdicts & Comments Add Verdict or Comment

175 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

51 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 10:09:57	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
.citigroupstore.com/	1970-01-20 10:09:57	Name: _gid Value: GA1.2.161947696.1678111312
.citigroupstore.com/	1970-01-20 10:08:31	Name: _gat Value: 1
.citigroupstore.com/	1970-01-20 14:27:43	Name: optimizelyEndUserId Value: oeu1678111311999r0.8542919049735251
.citigroupstore.com/	1970-01-20 18:54:07	Name: rl_user_id Value: RudderEncrypt%3AU2FsdGVkX181Y4g3rECKXvTG%2FU25rwF64VP7ip0SXe0%3D
.citigroupstore.com/	1970-01-20 18:54:07	Name: rl_anonymous_id Value: RudderEncrypt%3AU2FsdGVkX1%2BXl6S%2BwVFnHmsWlfEyFP2tpo2dJvogupDG8r%2FBXBApWTFJL94hmYeo1S3y%2BpT0fEZiwjch5cgODw%3D%3D
.citigroupstore.com/	1970-01-20 18:54:07	Name: rl_group_id Value: RudderEncrypt%3AU2FsdGVkX186T25Gm2Pe3Q%2F7MLtfubHOUvHxTmsdwPQ%3D
.citigroupstore.com/	1970-01-20 18:54:07	Name: rl_trait Value: RudderEncrypt%3AU2FsdGVkX1%2FAKDNgpzXQDcM%2FyZHhSRhsAwXfQfYb6IU%3D
.citigroupstore.com/	1970-01-20 18:54:07	Name: rl_group_trait Value: RudderEncrypt%3AU2FsdGVkX1%2Br89m1pbwJvZrwFU34QMBWqz%2F9qJ585Vs%3D
.citigroupstore.com/	1970-01-20 18:54:07	Name: rl_page_init_referrer Value: RudderEncrypt%3AU2FsdGVkX19Y1IcCZYyD9eHjTBrCgcuGr5lRcxfgfCk%3D
.citigroupstore.com/	1970-01-20 18:54:07	Name: rl_page_init_referring_domain Value: RudderEncrypt%3AU2FsdGVkX1%2BPNgb7N4UaW5crMf6pEvNl42Ge3JtzRPI%3D
.citigroupstore.com/	1970-01-20 18:54:07	Name: rl_session Value: RudderEncrypt%3AU2FsdGVkX189IMOJ0jy3%2By2Qb%2FaWMw1soU9GrH7JNzV81%2Fh9hN8nQWk7oA6b1hjy2tWDddT0qUvyqBDjUUb07Hg%2FaatQF1a1x8Q%2Fuo3BNEH%2BdZx%2BZFRYibWg%2BvPPuk%2FH1DmbrcYb5a8DcsAiLeF1eA%3D%3D
.citigroupstore.com/	1970-01-20 12:18:07	Name: _gcl_au Value: 1.1.2122126791.1678111312
citigroupstore.com/	1970-01-20 10:18:36	Name: FPC Value: 7572d227-b2e6-4945-92fb-6087294b8516
citigroupstore.com/	1970-01-20 10:18:36	Name: fp_webid Value: 203886ee-48b1-4382-a631-96ceb405c22c
.citigroupstore.com/	1970-01-20 10:08:31	Name: _gat_UA-46142661-9 Value: 1
.citigroupstore.com/	1970-01-20 19:44:31	Name: _ga_N6KB6DJJP1 Value: GS1.1.1678111312.1.0.1678111312.60.0.0
.citigroupstore.com/	1970-01-20 19:44:31	Name: _ga Value: GA1.1.121335352.1678111312
.citigroupstore.com/	1970-01-20 10:09:57	Name: _uetsid Value: 72300fd0bc2711edbb269b27cb972476
.citigroupstore.com/	1970-01-20 19:30:07	Name: _uetvid Value: 72300810bc2711ed8c0d67c1351bcb14
.bing.com/	1970-01-20 19:30:07	Name: MUID Value: 2B98246AC224619A1F9236A6C3F660B8
.citigroupstore.com/	1970-01-20 10:08:33	Name: _dpm_ses.d914 Value: *
.citigroupstore.com/	1970-01-20 18:54:07	Name: _dpm_id.d914 Value: af15747f-4e41-4f41-bb7b-69909d5bfe52.1678111313.1.1678111313.1678111313.4bc2183e-c1b2-41e4-a6d4-08ebe5002ae9
.citigroupstore.com/	1970-01-20 19:44:31	Name: _ga_8QNLD90GTB Value: GS1.1.1678111312.1.0.1678111312.0.0.0
.citigroupstore.com/	1970-01-20 12:18:07	Name: _rdt_uuid Value: 1678111312703.04bb50f2-cad4-45ad-af2b-6295a094dabf
.citigroupstore.com/	1969-12-31 23:59:59	Name: _schn Value: _vg92w4
.citigroupstore.com/	1970-01-20 19:38:18	Name: _scid Value: 9ee15e47-465b-4147-9b0b-2f273d5603c0
citigroupstore.com/	1970-01-20 18:54:07	Name: __pdst Value: d35c8517686a403db7cae3022fe6fb84
tags.srv.stackadapt.com/	1970-01-20 18:54:07	Name: sa-user-id Value: s%3A0-b908b2fc-326f-59ba-6ff1-2f12b0279f38.ujnJIa3W%2BuYXiRYinS1%2BFicAxoXUdtLn1lWXP9TFhZU
.srv.stackadapt.com/	1970-01-20 18:54:07	Name: sa-user-id-v2 Value: s%3AuQiy_DJvWbpv8S8SsCefONlAl0M.UyK%2BPrm2j6JxZonmGAMTjuUBnadJ2CN22jZMZ%2F8%2Fcac
citigroupstore.com/	1970-01-20 19:44:31	Name: tatari-cookie-test Value: 36204849
.citigroupstore.com/	1970-01-20 10:08:31	Name: t-ip Value: 1
.citigroupstore.com/	1970-01-20 19:44:31	Name: tatari-session-cookie Value: 419080f6-4106-f45e-9b58-d0f17221b815
citigroupstore.com/	1970-01-20 18:54:07	Name: sa-user-id Value: s%253A0-b908b2fc-326f-59ba-6ff1-2f12b0279f38.ujnJIa3W%252BuYXiRYinS1%252BFicAxoXUdtLn1lWXP9TFhZU
citigroupstore.com/	1970-01-20 18:54:07	Name: sa-user-id-v2 Value: s%253AuQiy_DJvWbpv8S8SsCefONlAl0M.UyK%252BPrm2j6JxZonmGAMTjuUBnadJ2CN22jZMZ%252F8%252Fcac
.w55c.net/	1970-01-20 19:37:55	Name: wfivefivec Value: DRZdfSIP1Pzbpu2
.adnxs.com/	1970-01-20 12:18:07	Name: uuid2 Value: 916369903430484266
.adnxs.com/	1970-01-20 12:18:07	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2GVGoWExD!]tbP6j2F-XstGt!@DP6$cCAP
.snapchat.com/	1970-01-20 19:30:07	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgREAMQQEwIrMODxSTuKjCsVnN/ve3Wz0ax4yl6blpaRSWlFh6+MZeCQAhQw/6WAt6TIAAAA=
.tiktok.com/	1970-01-20 19:30:07	Name: _ttp Value: 2MdxZ8sArWHkwkOGCyy9EZG8uqG
.bidr.io/	1970-01-20 19:37:01	Name: bito Value: AADnE07IC-UAACIrBlnMzQ
.bidr.io/	1970-01-20 19:37:01	Name: bitoIsSecure Value: ok
.t.co/	1970-01-20 19:44:31	Name: muc_ads Value: 3c3f17d8-8097-47b7-9146-e17c782aa656
.citigroupstore.com/	1970-01-20 19:30:07	Name: _tt_enable_cookie Value: 1
.citigroupstore.com/	1970-01-20 19:30:07	Name: _ttp Value: T9-VfGjLCcyuSHyA6YeOsV79Cuq
.twitter.com/	1970-01-20 19:44:31	Name: guest_id_marketing Value: v1%3A167811131299499765
.twitter.com/	1970-01-20 19:44:31	Name: guest_id_ads Value: v1%3A167811131299499765
.twitter.com/	1970-01-20 19:44:31	Name: personalization_id Value: "v1_lKyb/qFw+2BdKR6FqPeNKQ=="
.twitter.com/	1970-01-20 19:44:31	Name: guest_id Value: v1%3A167811131299499765
citigroupstore.com/	1970-01-20 19:44:31	Name: _tq_id.TV-54187290-1.d914 Value: 6937b7df1042d459.1678111313.0.1678111313..
.tvpixel.com/	1970-01-20 18:54:07	Name: sp Value: ad3d773d-7e42-4fb6-b0fd-aa702c9087e3

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pixel.pointmediatracker.com/kpi?c=acorns&kpi=visit&tag_id=120&fpc=7572d227-b2e6-4945-92fb-6087294b8516&utm_source=undefined&utm_medium=undefined&utm_campaign=undefined&gtmcb=1767903863 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://.acorns.com https://.acorns.io https://*.zesty.io https://solve-widget.forethought.ai

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a627150995.cdn.optimizely.com
aacdn.nagich.com
acornsprod-dataplane.rudderstack.com
alb.reddit.com
analytics.tiktok.com
analytics.twitter.com
api.rudderlabs.com
bat.bing.com
c.tvpixel.com
capi.acorns.com
cdn.cookielaw.org
cdn.optimizely.com
cdn.pdst.fm
cdn.rudderlabs.com
cdn3.optimizely.com
cdnjs.cloudflare.com
citigroupstore.com
collector-4820.tvsquared.com
d.impactradius-event.com
d1lu3pmaz2ilpx.cloudfront.net
d21y75miwcfqoq.cloudfront.net
d2hrivdxn8ekm8.cloudfront.net
d330aiyvva2oww.cloudfront.net
dvqigh9b7wa32.cloudfront.net
geolocation.onetrust.com
logs-01.loggly.com
logx.optimizely.com
p.tvpixel.com
pixel.pointmediatracker.com
region1.analytics.google.com
sc-static.net
secure.adnxs.com
segment.prod.bidr.io
sqy7rm.media.zestyio.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tags.srv.stackadapt.com
tags.w55c.net
tr.snapchat.com
us-central1-adaptive-growth.cloudfunctions.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.redditstatic.com
pixel.pointmediatracker.com
104.244.42.131
104.244.42.5
13.224.194.15
151.101.193.140
151.101.66.49
18.164.48.241
18.210.93.189
18.219.174.229
185.89.210.82
199.232.16.157
20.88.160.189
2001:4860:4802:34::36
2001:4860:4802:36::178
2001:4860:4802:36::36
216.239.36.21
23.36.233.121
23.37.32.235
2600:9000:214f:7e00:16:a497:9700:93a1
2600:9000:223f:600:17:3f5c:f800:21
2600:9000:2250:4600:3:760:2800:21
2600:9000:2250:5400:1b:ef38:3680:21
2600:9000:2251:c200:9:fddd:fc40:93a1
2600:9000:225e:5800:17:f683:1d40:21
2600:9000:225e:bc00:1d:bf0a:0:93a1
2606:4700:20::ac43:44bc
2606:4700:4400::ac40:9062
2606:4700::6811:190e
2606:4700::6813:bc61
2620:1ec:c11::200
2a00:1450:4001:803::2008
2a00:1450:400c:c00::9a
2a00:1450:400d:806::2003
2a00:1450:400d:80d::2004
2a02:26f0:4700:1a5::13b8
2a04:4e42:200::396
35.156.234.106
35.186.249.72
35.190.43.134
35.244.142.80
44.209.164.40
52.73.201.133
54.194.143.61
54.84.230.230
54.88.123.56
95.101.75.136
00dcef63c2f4f4dac6f8f64fd9ae07a8ca19ab32702d1fcb5fe90b74dcb81612
015a773fd5c9fff88a47b3fd9606c59318d1be9a65ab873ec35e10f90ff8b606
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
0b595dfd05d9cdd5ee752924ede31787e76af6bb348e72a2f43870a5a847ca75
12763d57730d65fed3ec1f483cd6d3b7af10882ad2716e7f41b4829c5b8d8ddb
2399d2facc8dfea4b7e4ba6f868c41d7e5eb5eab4dcf3709c763cb2ffaf01514
247fc189082160e979e84de9e2a591da28319423bc1b706e9a99f2fe3bced7af
2614c2050d16d36a75a5f3fb59fe6b7490a844ae0c959c6b3c2e4a6641991d68
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
295696e28d5eeecf685825f1435d2c124a2c2e5368bd3f34d61821c32ae4c65a
29abc0ced159dd0cd79de50a96fadb71029bf9d7489abfba36b6845178bc31aa
29c62fe219558442e22e79ca385b4b5edccea5b24d4836f2478118ec1c465249
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d7682cac32a8f223208b6511817e870d52e306fc0d58e1c48dcc7e037a98976
3322b7121f031ac749179272e2d687b4d0a4e5319279dbe3e916cddcdf885642
35998e462f4b532bfb3640d61807c260438a8ebd4744ce48c5f808c956bd2685
38b2d6ca92e15cff0840b946dbce2fa02e74296d4dec31e9afd34ab34e827951
3aee60cca42f067e8cdcde810071fb3c6358107f64dbea07b7ddfa066c0cf37a
3f4d06afe580addbed449556098f7553b06b9ff84aff3c363044c0d8e24ea503
40c8084ce459211c73bf91eaa18b6152cc5fc9e29245dcec381da35ee51334b0
41c1b7f96412a3711a2bb5d81cf1c2b1c7d54cad6f69ce5ae5eefcd9244e6996
460b698b052164e5c25e8da6f0e6a6a041c1f72052d16e2ec7d475784c83782d
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4b036dd6e9efed652f0d3de0d9c0c6a90cdf52bcfb8c70528e327a2da25c64c3
5062fa0943966c77dc24e0285fc79ee36e63499221bf722d141d46b1604e7059
50d260c2bdcd019b2ffa054f88f0c2c646acea7bc87d7f34985980661c1cb6b5
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
581d447eb6b75fffeb4a8fc041bebca5158f0f41aa368fb6ef0c1690ae5000a9
58db23671c6a4f7fff5808d97349f70655acece47d1231aba9358e6aab42bf49
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
61d8137d275f12306e177bc726c2b3e072f9efa4743a0ace6ecbcf7a0932fd07
620660f45d9afea331852f7c4ef47e924069518bbf332b0fda09568f4f51bccf
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
669258e2dd447f8a3f41014c1358c41ab506bacb94ecfa7d305b6d36c3dfbd51
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6b074fbf6834f2d4b30c89feeebfae88f9723b6e3d722f8b88ce4bdbe61b933a
6c4889799f568be158575967f9986b7f4eb084f6313e6596851dcc1e6369cfe1
784840d9d1a513f94b88db1c951f063e43a99760e773dfea3d2844a376abe39e
78e9672575100d4950534555587df2617a9a6e21fc9ced07cd54b9726925585b
7ab366f44b70a0614d8da647ee1b296e4493cfd414c12996d3f6b31bd8b0a494
7ac55225e5b3b5f2d76799f5a1cea7cbb9b6f7d7645298eb65c475930af7d45a
7bc7dc9400a4019451249f9866bd8790a43dd5b654baecb0dcde3b2c25a02302
7caf2ffab2b945584b22795222c15f55b167d58891bbc7a9279e2c15801a1d0f
7ee406b38fe02682ae8ddf93bb333ed6cb7ae197a8709669c38fcbdf2e5ab7fe
806b2861e7f56f4e033847f81273e9a53f7f7d17685e3546ca72b1878e0f8e9a
8079a353a5c1162151c2f582b9604eadcbee46ba4ec0124bc0afeb898d98765c
8311a776c5a7cfe3c6ae9ca3786b2a7451a94d1120413541eab75f651b6cfb3b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
873c88ff7bb7c09518e3a2a06a06a2719c3cabd1b0b4fd1ed3a1bc2269eb5b39
87f9909a05ad4f2256522a593c47443c4ce62ec88f762ff8ff973becd05ef762
8a59881aae83948c79aad351b6c2b206f08360449c9a47e725f4523b57c5d5e4
8d64e644c033429943fff149c3eea2c7a247b5b286b2bdcd757db2ce50435eb8
8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029
8fb6c11e0f3341fdd069c14ac9a75a51d4a396797042b70fc98ebb294f8fbbba
8fc757445da0f8965e037b9356b36c72ee70a180c85c19c919c385882db54c0e
91c44feb9af817df60548c615bea818c54dfda4ebfe0b279eed691365a144dc8
92df2477b56afc4ce0ad3bea35184016a1eeea9d653c1e26087d91a582823988
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
94f1964926df9e01f1b8c2b40636a3c9616cd062fc2ac065ad996d6fac47532e
952c3304ae0979a82e4e53cc49d7172f544974adfbc5808623eaa190b125a9ec
98e83da38f5b35d0406dfcb897da76d523d1061095f8925e17489cbebddc8ba8
9e48d9757e43846a6ccaf92f00e07fdb2080ae1d9d16b794eadb6d6503b94827
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
a2f8546640817d5f53cfd1a24fc5b20d91d8a8fbe63e4c799d0394c6e7e4d42d
a323456e6ff4f742ba16fbd550200e39949761729da8a57442b6cbb7d7aad31d
a345c970494710261e47692b0b1067a67c2a3ad6f318677aa53615b26d730d28
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4
a6563f1b77608e27cb823aeea1c95a4db298557918d9ed6e8e9db5160d8aabdd
a6be138938d984e8c10dec4d55ae5b228f17c92ee02cab20fde11dc66e7828b2
ab31aaf1e9f55bad18ebd00651ecbd1a5dfae5f3307a8a6b1d73a9ac2d6f8f12
aba5d357125391f2f6c5e6f058ed6a57c3a46442da3450edd26ca4ff68baf8df
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b6a57771af3547b7747df54fdcbc55f4c46c09d88f36c2a6beda802c7f3df584
b7a0651876c9cf7cb6fa7e0255a7c5133aaf309cc3007aef7e2d32ce325c6e9c
b815f4028c148f82e0dfe1df4547d8ce0a01b8c264c000665b913ef299560e40
b9580de50cc77ba269dd28634f7ba278e2424952269a1fd3defcb76df82774cf
b9792c6132afafb298632395f335efeb91d3223163b1b7f3a1a60d79811fae4b
b9af77cdf60c23bce4e0e0380f02192bee73f67a6cd50fdd5633cab3e6f011e1
bab6f584235145000794b7e76bff95af18228137cb4f03a7036c9a91f3dd21c7
bee3ca5a85a9f5922139374e7aa578064bbf4dd94836604028c965daa003e9ef
c02f494e516bb37b59fdabb0c3ae0b6bf320499f1e1d0e28983f608c8b59bd3b
c0864bc7356d9693ebc6e61de0bb1addcfd2693bf3dc8406404d49ea7e4aad79
c09d1699a8d0284390d3f6b90203207781dbac9657ccf4eef0baaccc44aabb41
c21cfe877411ab0b04a6e1d75eefc95379274af637e75d1df1da45ec0b2b5769
c36cf13272dbdc6b91cf4e41e7fb31d7a72a9ad18f44d0d67724d859fb6f164b
c6790cd984cc24f4057ddc964ca8b1d85b785c4f5f8b1dc401559ae436dd1c1e
c8543898bb9ac66af54b902b4e5f1df174bd02ac3738f5c9cac37607a4c17c72
ca385f414de44ac6289a7054a11f3d46edeee2a9f914e468ffacc6db178c62aa
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d0d31977fe5498c885a003b37ea4f543ee0e8c9f395e6529b813172b63ac4f46
d23ce381e31531a28268dd17e8a5043e894577a94b3297b944ff4413ef2733c5
d2fd363aebc49c4cc78f603d888d42ed72500b3c83cb844c1ecd78101e9f47ab
d315f1c89efd270e5c3360d57da89ba7b3d2db07cd19558a6f1bee0a4a1146a0
d540bec104470694d94b61c36029b7c94da26f8c91829e7aec8f5278eb9d0794
d670621488b45b33d1a17b5e1250319b2ce513ededb4dbec847284c35e06f3d1
da907d461569c62968aaf23080b068a05e9f8e3a296f242c5882880003d9d888
da9a77e15c8cbf2596563d3bc8020cc9e547d2b99976a0b77f5eeadf1c492feb
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de24e7ea7c4a5166b584f30f1b66aa204b25cceb0e1ba30a1391041ffccc0db8
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e275b4808fc80a08b74a08cf9473dae9a8f9950b63c52278bfbb60a41ef0b7a1
e2adb933987ecc1b413c1ad0d5024757f89f224afccc19d42f8c4c322aef7ea3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44e306e5b4a97134efdfae048a945c7f5149007df4c189f174cb08b1d81133b
e567b8b9e08f170c9979849d5d0d67c51eafd081ded94ac9ee5ea7c03f037807
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e85a8c0eccc4a0555de8e39e6e1217a805825763ee1ad61c0b2f843df7095f5a
e955e09b23ecb5fe9d773cedff0af65c4925712c710ab696dce67de2388fb33d
e9e8291b576550c05afce1c5de197c4fabd3759caf4cd18b2321e3c6ce66c887
eabc5bb8293c2e08ad33de276a64b8fcbb310069344f0e9ce94a1d3b378145fc
eb5c65ff584eb31f5566b9b2e994b5f6d2159646b29c5f1dbfb76c1a71ad3d30
ebdc9773a057416bdff20d4743b9894a904c0466d8469ecc2b1b41b5eb57d3c4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
f62992394f522180c0dcff26cdfb4793a71a7d8fa8c70f82f59126d7a3e4fd4e
f7f4dcb9aa0f19ef4c2698b08ecfb7a35d6ed2edd8e39aa2823e3ba3fdfbc673
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
f9502b1f15efef884470d78697ab93d2b75c9912d1e04d9729e66f3b74c7451c
feccc42c28138eb5a796542c816b41755d811818695a903de53ec8f435957a06
ff3565cc93cf3c21b441dd5911de725fb55e4d203cfe380ea1b70adfc9c7504b

citigroupstore.com Open in urlscan Pro 20.88.160.189 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

163 Requests

97 %HTTPS

47 %IPv6

36 Domains

46 Subdomains

46 IPs

6 Countries

2461 kBTransfer

5276 kBSize

51 Cookies

32 Outgoing links

Redirected requests

163 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

citigroupstore.com Open in urlscan Pro
20.88.160.189 Public Scan

Screenshot
Live screenshot

Full Image

163
Requests

97 %
HTTPS

47 %
IPv6

36
Domains

46
Subdomains

46
IPs

6
Countries

2461 kB
Transfer

5276 kB
Size

51
Cookies

163 HTTP transactions
0 data transactions