sit28.online.citi.com
Open in
urlscan Pro
104.70.85.47
Public Scan
Submitted URL: https://sit28.online.citi.com/
Effective URL: https://sit28.online.citi.com/US/login.do
Submission Tags: @phishunt_io
Submission: On December 10 via api from ES
Effective URL: https://sit28.online.citi.com/US/login.do
Submission Tags: @phishunt_io
Submission: On December 10 via api from ES
Summary
This website contacted 26 IPs
in 7 countries
across 21 domains to perform 141 HTTP transactions.
The main IP is 104.70.85.47, located in
Netherlands and
belongs to AKAMAI-AS, US.
The main domain is sit28.online.citi.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on June 12th 2020. Valid for: 2 years.
This is the only time sit28.online.citi.com was scanned on urlscan.io!
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on June 12th 2020. Valid for: 2 years.
This is the only time sit28.online.citi.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
55
104.70.85.47
(Netherlands)
ASN16625 (AKAMAI-AS, US)
PTR: a104-70-85-47.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a104-70-85-47.deploy.static.akamaitechnologies.com
| sit28.online.citi.com |
14
18.197.253.20
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
| nexus.ensighten.com |
4
34.120.207.148
(United States)
ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com
| di.rlcdn.com | |
| idsync.rlcdn.com |
5
184.24.31.116
(United States)
ASN16625 (AKAMAI-AS, US)
PTR: a184-24-31-116.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a184-24-31-116.deploy.static.akamaitechnologies.com
| sit.api.citi.com | |
| dit.api.citi.com |
4
52.49.47.228
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-47-228.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-47-228.eu-west-1.compute.amazonaws.com
| dpm.demdex.net | |
| citi.demdex.net |
1
23.36.236.158
(Netherlands)
ASN16625 (AKAMAI-AS, US)
PTR: a23-36-236-158.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a23-36-236-158.deploy.static.akamaitechnologies.com
| tags.bkrtx.com |
3
2a00:1450:4001:817::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
1
15.237.136.106
(Paris, France)
ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-136-106.eu-west-3.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-136-106.eu-west-3.compute.amazonaws.com
| metrics1.citi.com |
1
54.194.111.119
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-111-119.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-111-119.eu-west-1.compute.amazonaws.com
| citicorpcreditservic.tt.omtrdc.net |
1
35.244.245.222
(Mountain View, United States)
ASN15169 (GOOGLE, US)
PTR: 222.245.244.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 222.245.244.35.bc.googleusercontent.com
| sr.rlcdn.com |
1
104.111.224.160
(Netherlands)
ASN16625 (AKAMAI-AS, US)
PTR: a104-111-224-160.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a104-111-224-160.deploy.static.akamaitechnologies.com
| c1.rfihub.net |
1
216.58.205.226
(Mountain View, United States)
ASN15169 (GOOGLE, US)
PTR: fra15s24-in-f226.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra15s24-in-f226.1e100.net
| cm.g.doubleclick.net |
4
192.193.179.250
(United States)
ASN25883 (CITIGROUP, US)
PTR: uat.report.nacustomerexperience.citi.com
ASN25883 (CITIGROUP, US)
PTR: uat.report.nacustomerexperience.citi.com
| uat.report.nacustomerexperience.citi.com |
1
184.24.24.167
(United States)
ASN16625 (AKAMAI-AS, US)
PTR: a184-24-24-167.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a184-24-24-167.deploy.static.akamaitechnologies.com
| stags.bluekai.com |
1
52.141.218.213
(Des Moines, United States)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| contents3.00110.citi.com |
2
91.235.134.131
(Netherlands)
ASN30286 (THM, US)
ASN30286 (THM, US)
| 89oebq5k3jtig7e4itgrm7duyg7lslnmgzq23ot3f3a5dd41736827b4am1.e.aa.online-metrix.net | |
| 89oebq5kyijwkpflh2naqdvut5avjqgx7qrwwgk564fb6732c487b4f3am1.e.aa.online-metrix.net |
1
35.241.45.82
(Ascension Island)
ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com
| udc-neb.kampyle.com |
1
35.176.206.104
(London, United Kingdom)
ASN16509 (AMAZON-02, US)
PTR: ec2-35-176-206-104.eu-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-35-176-206-104.eu-west-2.compute.amazonaws.com
| aa.agkn.com |
| Domain | Requested by | |
|---|---|---|
| 55 | sit28.online.citi.com |
2 redirects
sit28.online.citi.com
nexus.ensighten.com |
| 27 | content22.online.citi.com |
sit28.online.citi.com
content22.online.citi.com |
| 14 | nexus.ensighten.com |
sit28.online.citi.com
nexus.ensighten.com |
| 4 | uat.report.nacustomerexperience.citi.com |
nexus.ensighten.com
|
| 4 | sit.api.citi.com |
sit28.online.citi.com
nexus.ensighten.com |
| 3 | idsync.rlcdn.com | 2 redirects |
| 3 | www.google.com |
cse.google.com
|
| 3 | www.googletagmanager.com |
nexus.ensighten.com
www.googletagmanager.com |
| 3 | dpm.demdex.net |
1 redirects
sit28.online.citi.com
|
| 2 | px0.pbbl.co | 1 redirects |
| 2 | h.online-metrix.net |
content22.online.citi.com
|
| 2 | cm.g.doubleclick.net | 2 redirects |
| 2 | cdn.pbbl.co |
nexus.ensighten.com
cdn.pbbl.co |
| 2 | www.youtube.com |
sit28.online.citi.com
www.youtube.com |
| 2 | resources.digital-cloud-citi.medallia.com |
sit28.online.citi.com
resources.digital-cloud-citi.medallia.com |
| 1 | aa.agkn.com | 1 redirects |
| 1 | udc-neb.kampyle.com | |
| 1 | 89oebq5kyijwkpflh2naqdvut5avjqgx7qrwwgk564fb6732c487b4f3am1.e.aa.online-metrix.net | |
| 1 | dit.api.citi.com |
nexus.ensighten.com
|
| 1 | nebula-cdn.kampyle.com |
resources.digital-cloud-citi.medallia.com
|
| 1 | 89oebq5k3jtig7e4itgrm7duyg7lslnmgzq23ot3f3a5dd41736827b4am1.e.aa.online-metrix.net | |
| 1 | contents3.00110.citi.com |
nexus.ensighten.com
|
| 1 | p.rfihub.com | 1 redirects |
| 1 | live.rezync.com | 1 redirects |
| 1 | 20822230p.rfihub.com | 1 redirects |
| 1 | c1.rfihub.net |
nexus.ensighten.com
|
| 1 | sr.rlcdn.com |
nexus.ensighten.com
|
| 1 | citicorpcreditservic.tt.omtrdc.net |
nexus.ensighten.com
|
| 1 | cm.everesttech.net | 1 redirects |
| 1 | metrics1.citi.com |
nexus.ensighten.com
|
| 1 | citi.demdex.net |
nexus.ensighten.com
|
| 1 | stags.bluekai.com |
sit28.online.citi.com
tags.bkrtx.com |
| 1 | cse.google.com |
sit28.online.citi.com
|
| 1 | tags.bkrtx.com |
nexus.ensighten.com
|
| 1 | di.rlcdn.com |
sit28.online.citi.com
|
| 0 | ghbmnnjooekpmoecnnnilnnbdlolhkhi Failed |
content22.online.citi.com
|
| 0 | api.rlcdn.com Failed |
sit28.online.citi.com
|
| 141 | 37 |
This site contains links to these domains. Also see Links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| uat1.online.citi.com DigiCert SHA2 Extended Validation Server CA |
2020-06-12 - 2022-08-29 |
2 years | crt.sh |
| nexus.ensighten.com DigiCert SHA2 Secure Server CA |
2020-09-09 - 2021-10-11 |
a year | crt.sh |
| *.rlcdn.com Sectigo RSA Domain Validation Secure Server CA |
2020-04-14 - 2021-04-23 |
a year | crt.sh |
| *.digital-cloud-citi.medallia.com SSL.com RSA SSL subCA |
2020-10-21 - 2021-11-21 |
a year | crt.sh |
| sandbox.api.citi.com DigiCert SHA2 Extended Validation Server CA |
2020-10-08 - 2021-11-07 |
a year | crt.sh |
| *.demdex.net DigiCert SHA2 High Assurance Server CA |
2018-01-09 - 2021-02-12 |
3 years | crt.sh |
| content22.online.citi.com DigiCert SHA2 Extended Validation Server CA |
2020-07-14 - 2022-08-06 |
2 years | crt.sh |
| *.bkrtx.com DigiCert SHA2 Secure Server CA |
2020-02-28 - 2021-05-29 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
| *.google.com GTS CA 1O1 |
2020-11-10 - 2021-02-02 |
3 months | crt.sh |
| metrics1.citi.com DigiCert SHA2 Extended Validation Server CA |
2020-07-02 - 2022-08-30 |
2 years | crt.sh |
| www.google.com GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
| *.tt.omtrdc.net DigiCert SHA2 Secure Server CA |
2020-11-02 - 2021-11-09 |
a year | crt.sh |
| *.pbbl.co Amazon |
2020-12-04 - 2022-01-02 |
a year | crt.sh |
| *.rfihub.net DigiCert SHA2 Secure Server CA |
2020-04-01 - 2021-07-01 |
a year | crt.sh |
| uat.report.nacustomerexperience.citi.com DigiCert SHA2 Extended Validation Server CA |
2020-03-31 - 2022-06-26 |
2 years | crt.sh |
| odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1 |
2020-10-15 - 2021-04-09 |
6 months | crt.sh |
| contents1.00110.citi.com DigiCert SHA2 Extended Validation Server CA |
2020-08-10 - 2022-08-10 |
2 years | crt.sh |
| h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1 |
2020-02-20 - 2021-02-19 |
a year | crt.sh |
| *.e.aa.online-metrix.net Go Daddy Secure Certificate Authority - G2 |
2019-09-13 - 2021-09-13 |
2 years | crt.sh |
| j.ssl.fastly.net GlobalSign Organization Validation CA - SHA256 - G2 |
2020-10-01 - 2021-11-02 |
a year | crt.sh |
| *.kampyle.com RapidSSL RSA CA 2018 |
2020-02-11 - 2022-03-06 |
2 years | crt.sh |
| px0.pbbl.co GTS CA 1D2 |
2020-10-26 - 2021-01-24 |
3 months | crt.sh |
This page contains 13 frames:
Primary Page:
https://sit28.online.citi.com/US/login.do
Frame ID: 22430A9E9DEF3EA1DCE12983FB008FDA
Requests: 103 HTTP requests in this frame
Frame:
https://citi.demdex.net/dest5.html?d_nsid=0
Frame ID: 57DD91493E4E4F66CBDF0182B4A638BD
Requests: 1 HTTP requests in this frame
Frame:
https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
Frame ID: BF3DAFCFA935C565778D115657A7A326
Requests: 1 HTTP requests in this frame
Frame:
https://content22.online.citi.com/fp/check.js;CIS3SID=A197A1C5E1AB238651FC959BF32C0131?org_id=89oebq5k&session_id=8dbde57ce7db61e323625cb8d448c36730c563c2c78069e7e01cdd0f80ad2d0a&nonce=f3a5dd41736827b4&pageid=1&jb=3b3724266a736d773d4e696c77782668716d3f4e696c7770266a736a3f416a706d6d672530323a31
Frame ID: 215E6CEC820993BD29FBEB3C5367E084
Requests: 12 HTTP requests in this frame
Frame:
https://stags.bluekai.com/site/63068?ret=html&phint=language%3Denglish&phint=product%3D&phint=event&phint=category%3Dpre-login%20Sign%20on%20page&phint=page%3DNon%20Cookied%20Username%20Password%20&phint=section1%3DPublic&phint=section2%3DSignOn&phint=section3%3D&phint=section4%3D&phint=bankappstatus&phint=productID&phint=__bk_t%3DOnline%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&phint=__bk_k%3Dbanking%2C%20citi%2C%20financial%20services%2C%20checking%20account%2C%20savings%20account%2C%20credit%20cards&phint=__bk_l%3Dhttps%3A%2F%2Fsit28.online.citi.com%2FUS%2Flogin.do&phint=__bk_v%3D3.1.7&limit=10&r=80414575
Frame ID: 5807520BBA0944953415A99527207C46
Requests: 1 HTTP requests in this frame
Frame:
https://content22.online.citi.com/fp/check.js;CIS3SID=0827EA2D02A29A1D4E5286E6041CC688?org_id=89oebq5k&session_id=6b723e63a48a9cb9d614b485d187d8132c6e0710f1c26393641e10ee416eaed0&nonce=64fb6732c487b4f3&pageid=1&jb=3135242468736d773d4c616e7d7a2462736d3d4c6b6e7d78266a7b603d4b68706d6f672532323833
Frame ID: 98467C5DBB35AB228EE8D357471242C5
Requests: 11 HTTP requests in this frame
Frame:
https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=A197A1C5E1AB238651FC959BF32C0131?org_id=89oebq5k&session_id=8dbde57ce7db61e323625cb8d448c36730c563c2c78069e7e01cdd0f80ad2d0a&nonce=f3a5dd41736827b4&pageid=1
Frame ID: 61112AB464CBD091DB6D2363F189ECE4
Requests: 2 HTTP requests in this frame
Frame:
https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=A197A1C5E1AB238651FC959BF32C0131?org_id=89oebq5k&session_id=8dbde57ce7db61e323625cb8d448c36730c563c2c78069e7e01cdd0f80ad2d0a&nonce=f3a5dd41736827b4&pageid=1
Frame ID: A65DDCDA2FD019FC53DF7DF3666C098C
Requests: 1 HTTP requests in this frame
Frame:
https://content22.online.citi.com/fp/top_fp.html;CIS3SID=A197A1C5E1AB238651FC959BF32C0131?org_id=89oebq5k&session_id=8dbde57ce7db61e323625cb8d448c36730c563c2c78069e7e01cdd0f80ad2d0a&nonce=f3a5dd41736827b4&pageid=1
Frame ID: 2AF4D9C5DFDA764FBAE52CF73F375E88
Requests: 1 HTTP requests in this frame
Frame:
https://cdn.pbbl.co/i/pp.html
Frame ID: D5DA2CD9FB5878312D84E7FEABD410A2
Requests: 1 HTTP requests in this frame
Frame:
https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=0827EA2D02A29A1D4E5286E6041CC688?org_id=89oebq5k&session_id=6b723e63a48a9cb9d614b485d187d8132c6e0710f1c26393641e10ee416eaed0&nonce=64fb6732c487b4f3&pageid=1
Frame ID: FD2CD4CE1DBE8DB3199BEE153AABAAF7
Requests: 2 HTTP requests in this frame
Frame:
https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=0827EA2D02A29A1D4E5286E6041CC688?org_id=89oebq5k&session_id=6b723e63a48a9cb9d614b485d187d8132c6e0710f1c26393641e10ee416eaed0&nonce=64fb6732c487b4f3&pageid=1
Frame ID: CBACDE5A0C6805B7FC64D7FCC5FD5570
Requests: 1 HTTP requests in this frame
Frame:
https://content22.online.citi.com/fp/top_fp.html;CIS3SID=0827EA2D02A29A1D4E5286E6041CC688?org_id=89oebq5k&session_id=6b723e63a48a9cb9d614b485d187d8132c6e0710f1c26393641e10ee416eaed0&nonce=64fb6732c487b4f3&pageid=1
Frame ID: 21DE518CE4A6F6963E9A746460A9F040
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://sit28.online.citi.com/
HTTP 302
https://sit28.online.citi.com/US/Welcome.c HTTP 301
https://sit28.online.citi.com/US/login.do Page URL
Page Statistics
27 Outgoing links
These are links going to different origins than the main page.
URL: https://sit28.accountonline.citi.com/credit-cards/compare/view-all-credit-cards
Title: View All Credit Cards
Title: View All Credit Cards
Search URL Search Domain Scan URL
URL: https://sit28.accountonline.citi.com/credit-cards/compare/0-percent-intro-apr-credit-cards
Title: 0% Intro APR Credit Cards
Title: 0% Intro APR Credit Cards
Search URL Search Domain Scan URL
URL: https://sit28.accountonline.citi.com/credit-cards/compare/balance-transfer-credit-cards
Title: Balance Transfer Credit Cards
Title: Balance Transfer Credit Cards
Search URL Search Domain Scan URL
URL: https://sit28.accountonline.citi.com/credit-cards/compare/savings-and-cash-back-credit-cards
Title: Cash Back Credit Cards
Title: Cash Back Credit Cards
Search URL Search Domain Scan URL
URL: https://sit28.accountonline.citi.com/credit-cards/compare/rewards-credit-cards
Title: Rewards Credit Cards
Title: Rewards Credit Cards
Search URL Search Domain Scan URL
URL: https://www.citicards.com/cards/credit/application/flow.action?isInvitation=N&OC=CC-CITI-3D5
Title: See If You're Pre-Qualified
Title: See If You're Pre-Qualified
Search URL Search Domain Scan URL
URL: https://www.citi.com/credit-cards/compare/business-credit-cards
Title: Small Business Credit Cards
Title: Small Business Credit Cards
Search URL Search Domain Scan URL
URL: https://www.citi.com/credit-cards/compare-credit-cards/citi.action?ID=view-all-credit-cards&afc=105
Title:
Title:
Search URL Search Domain Scan URL
URL: https://banking.citi.com/cbol/17/checking/basic/generic/default.htm?Promo_ID=CZ92&intc=1~1~52~6~BANR~2~BasicChk_081017~XPX
Title: Banking Made Easy
Title: Banking Made Easy
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/banking/savings/citi.action?ID=citi-savings&intc=1~1~52~6~BANR~2~Generic_Save~XPX
Title: Simplify Your Savings
Title: Simplify Your Savings
Search URL Search Domain Scan URL
URL: https://www.citi.com/credit-cards/credit-card-details/citi.action?ID=citi-double-cash-credit-card&afc=106&intc=1~1~52~6~BANR~1~dc_citicomREDPE_oct2016
Title: Earn Cash Back Twice
Title: Earn Cash Back Twice
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/JRS/portal/template.do?ID=compare-savings-checking-cds-and-money-market-accounts&intc=1~1~52~6~BANR~2~Save_Hub2~HP
Search URL Search Domain Scan URL
URL: https://www.lifeandmoney.citi.com/money/managing-money/financial-education/how-to-use-citibank-mobile-app
Search URL Search Domain Scan URL
URL: https://citi.com/citi/covid-19.htm
Search URL Search Domain Scan URL
URL: https://www.facebook.com/citi
Title:
Title:
Search URL Search Domain Scan URL
URL: https://www.twitter.com/citi
Title:
Title:
Search URL Search Domain Scan URL
URL: https://www.youtube.com/citi
Title:
Title:
Search URL Search Domain Scan URL
URL: http://www.citigroup.com/citi/
Title: Our Story
Title: Our Story
Search URL Search Domain Scan URL
URL: https://jobs.citi.com/
Title: Careers
Title: Careers
Search URL Search Domain Scan URL
URL: https://citieasydeals.com/
Title: Citi Easy DealsSM
Title: Citi Easy DealsSM
Search URL Search Domain Scan URL
URL: http://www.citiprivatepass.com/
Title: Citi EntertainmentSM
Title: Citi EntertainmentSM
Search URL Search Domain Scan URL
URL: https://www.privatebank.citibank.com/
Title: Citi Private Bank
Title: Citi Private Bank
Search URL Search Domain Scan URL
URL: https://www.citi.com/credit-cards/compare/view-all-credit-cards
Title: Credit Cards
Title: Credit Cards
Search URL Search Domain Scan URL
URL: https://itunes.apple.com/app/citi-mobile-sm/id301724680?mt=8
Title:
Title:
Search URL Search Domain Scan URL
URL: https://play.google.com/store/apps/details?id=com.citi.citimobile
Title:
Title:
Search URL Search Domain Scan URL
URL: https://www.ipbus.citi.com/
Title: International Personal Bank U.S.
Title: International Personal Bank U.S.
Search URL Search Domain Scan URL
URL: http://www.jdpower.com/awards
Title: jdpower.com/awards
Title: jdpower.com/awards
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://sit28.online.citi.com/
HTTP 302
https://sit28.online.citi.com/US/Welcome.c HTTP 301
https://sit28.online.citi.com/US/login.do Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 29- https://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1607589066780 HTTP 302
- https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1607589066780
- https://cm.everesttech.net/cm/dd?d_uuid=63151642231518190783399417597215494327 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=X9HcywAAAEx9MyJ1
- https://20822230p.rfihub.com/ca.html?rb=648&ca=20822230&ra=902805303&_o=17169175&_t=zx-cookie-match HTTP 302
- https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1871597490087544514 HTTP 302
- https://p.rfihub.com/cm?pub=39342&in=0&userid=82340b54-fa44-4ac2-a113-4b464a407382%3A1607589068.48&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D82340b54-fa44-4ac2-a113-4b464a407382%253A1607589068.48 HTTP 302
- https://idsync.rlcdn.com/501709.gif?partner_uid=82340b54-fa44-4ac2-a113-4b464a407382%3A1607589068.48 HTTP 307
- https://idsync.rlcdn.com/1000.gif?memo=CM3PHhI8CjgIARAFGjI4MjM0MGI1NC1mYTQ0LTRhYzItYTExMy00YjQ2NGE0MDczODI6MTYwNzU4OTA2OC40OBAAGg0IzrnH_gUSBQjoBxAAQgBKAA HTTP 307
- https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc= HTTP 302
- https://idsync.rlcdn.com/362358.gif?google_gid=CAESEM7TNTCGeR0F7mGuOhgGOhE&google_cver=1
- https://px0.pbbl.co/ns/__p2.gif?ppid=84028805-bcdf-4adb-aa45-db490d6af836&chk=false&brid=1560&brcid=&email=&orderId=&orderValue=&productId=&offerCode=&label=&pageUrl=https%3A%2F%2Fsit28.online.citi.com%2FUS%2Flogin.do&referrerUrl=&targetUrl=https%3A%2F%2Fsit28.online.citi.com%2FUS%2Flogin.do&sessionId=&markerType=seg&rand=P60kwwWev6ej6Euk&iabOptOut=-&jsVer=3.2.1&frVer=1.2&markerId=348192 HTTP 302
- https://aa.agkn.com/adscores/g.pixel?sid=9212282598&_ppid=84028805-bcdf-4adb-aa45-db490d6af836&_segid=99&iid=4f794861-b7cb-429b-b52d-4a806589ec54 HTTP 302
- https://px0.pbbl.co/adadvisor.gif?segment=000&_ppid=84028805-bcdf-4adb-aa45-db490d6af836&_segid=99&_zip=&hk=&iid=4f794861-b7cb-429b-b52d-4a806589ec54&mt=&bd=
141 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
login.do
sit28.online.citi.com/US/ Redirect Chain
|
163 KB 38 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tagging.js
sit28.online.citi.com/CBOL/taggingTransformation/ |
56 KB 11 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.css
sit28.online.citi.com/GFC/branding/responsivebranding/css/ |
46 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ddl.min.css
sit28.online.citi.com/CBOL/common/ui/ddl/theme/latest/styles/ |
624 KB 69 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jfpm.autocomplete.off.js
sit28.online.citi.com/JFP/js/modules/ |
1 KB 657 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main_branding.css
sit28.online.citi.com/GFC/branding/responsivebranding/css/ |
273 KB 43 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
vendor.js
sit28.online.citi.com/CBOL/common/ui/ddl/theme/latest/scripts/ |
204 KB 64 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Bootstrap.js
nexus.ensighten.com/citi/na_stage/ |
278 KB 91 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
homePage.min.css
sit28.online.citi.com/loginpage/styles/ |
24 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.tmpl.js
sit28.online.citi.com/JFP/js/jquery/plugins/ |
6 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fp.min.js
sit28.online.citi.com/JSO/js/ |
15 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
463166.gif
di.rlcdn.com/ |
0 44 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bcsid.js
sit28.online.citi.com/passivebio/ |
947 B 741 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
BiocatchATO_Test.js
sit28.online.citi.com/passivebio/ |
338 KB 88 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cbol-smartSearch.css
sit28.online.citi.com/NCCS/smartSearch/css/ |
8 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
HowCanWeHelpButton_default.png
sit28.online.citi.com/GFC/branding/img/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
citiHomePage.min.js
sit28.online.citi.com/loginpage/scripts/ |
15 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rsa.js
sit28.online.citi.com/CBOL/sec/debcaract/js/ |
36 KB 11 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
TMXProfiling.js
sit28.online.citi.com/TMX/ |
1 KB 859 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
peworkflow.min.js
sit28.online.citi.com/personalization/ |
5 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
embed.js
resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
2019CertifiedMobileApp.png
sit28.online.citi.com/JRS/images/ |
28 KB 29 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
oo_engine.min.js
sit28.online.citi.com/GFC/branding/olab/js/ |
42 KB 12 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ddl.min.js
sit28.online.citi.com/CBOL/common/ui/ddl/theme/latest/scripts/ |
64 KB 18 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.js
sit28.online.citi.com/GFC/branding/responsivebranding/js/ |
33 KB 8 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
citilive-search.js
sit28.online.citi.com/JEA/CitiSearch/nexus-platform/js/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cbol-smartSearch-inject.js
sit28.online.citi.com/NCCS/smartSearch/js/ |
13 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cobrowse_overlay.css
sit28.online.citi.com/GPS/portal/css/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H/1.1 |
tagging_transformation.json
sit.api.citi.com/gcgapi/sit3/public/v1/staticcms/USGCB/en_US/appid/ Frame |
0 0 |
Other
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tagging_transformation.json
sit.api.citi.com/gcgapi/sit3/public/v1/staticcms/USGCB/en_US/appid/ |
573 KB 89 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rd
dpm.demdex.net/id/ Redirect Chain
|
363 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
identity
api.rlcdn.com/api/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
serverComponent.php
nexus.ensighten.com/citi/na_stage/ |
2 KB 834 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET BLOB |
0961aaa1-40b3-449d-8c7a-67dc9539be9f
https://sit28.online.citi.com/ |
138 KB 0 |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Citi-Enterprise-White.png
sit28.online.citi.com/GFC/branding/img/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Interstate-Light.woff
sit28.online.citi.com/CBOL/common/ui/ddl/theme/latest/styles/fonts/interstate/ |
74 KB 74 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tags.js
content22.online.citi.com/fp/ |
49 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bkintg.js
sit28.online.citi.com/personalization/ |
6 KB 2 KB |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
aosRFServerIntg.js
sit28.online.citi.com/personalization/ |
52 KB 11 KB |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cmstmplintg.js
sit28.online.citi.com/personalization/ |
54 KB 13 KB |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
e184a244b5b099c838aaaf0d34bd2bfd.js
nexus.ensighten.com/citi/na_stage/code/ |
13 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
f83a1b2f2387c6c20bedbfa2eb53f9e8.js
nexus.ensighten.com/citi/na_stage/code/ |
1 KB 737 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
c12dae03db21b42020eebc54e7710f6f.js
nexus.ensighten.com/citi/na_stage/code/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
70adc734c8b3da7da303531724169841.js
nexus.ensighten.com/citi/na_stage/code/ |
2 KB 862 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
d4735fd843d57a69f9e83da44aed18d7.js
nexus.ensighten.com/citi/na_stage/code/ |
278 B 460 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
6218562878bcbf48e065c96b50f877cd.js
nexus.ensighten.com/citi/na_stage/code/ |
107 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ef4fb68342441d20f3bd5ddf0d3960cf.js
nexus.ensighten.com/citi/na_stage/code/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ca145d4187a081eaffb7d75d438ec166.js
nexus.ensighten.com/citi/na_stage/code/ |
113 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
26dfc435b97cf4089ee5138bfac8cae7.js
nexus.ensighten.com/citi/na_stage/code/ |
334 KB 103 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bk-coretag.js
tags.bkrtx.com/js/ |
45 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
96 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
e.gif
nexus.ensighten.com/error/ |
0 106 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
e.gif
nexus.ensighten.com/error/ |
0 106 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cse.js
cse.google.com/cse/ |
10 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
19469
stags.bluekai.com/site/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
 Cookie set
dest5.html
citi.demdex.net/ Frame 57DD |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
id
metrics1.citi.com/ |
48 B 515 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=411&dpuuid=X9HcywAAAEx9MyJ1
dpm.demdex.net/ Redirect Chain
|
42 B 915 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Interstate-Bold.woff
sit28.online.citi.com/CBOL/common/ui/ddl/theme/latest/styles/fonts/interstate/ |
70 KB 71 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
close.svg
sit28.online.citi.com/CBOL/common/ui/ddl/theme/latest/images/icons/svgs/ |
1 KB 911 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
iframe_api
www.youtube.com/ |
810 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
citilive-search-responsive.css
sit28.online.citi.com/JEA/CitiSearch/nexus-platform/css/ |
62 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
citilive-search-library.js
sit28.online.citi.com/JEA/CitiSearch/nexus-platform/js/ |
179 KB 61 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
citilive-search-service.js
sit28.online.citi.com/JEA/CitiSearch/nexus-platform/js/ |
9 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
citi-search-tmpl.js
sit28.online.citi.com/JEA/CitiSearch/nexus-platform/js/ |
1 MB 732 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
citilive-search-controller.js
sit28.online.citi.com/JEA/CitiSearch/nexus-platform/js/ |
127 KB 25 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
e.gif
nexus.ensighten.com/error/ |
0 106 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
js
www.googletagmanager.com/gtag/ |
96 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
js
www.googletagmanager.com/gtag/ |
96 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cse_element__de.js
www.google.com/cse/static/element/921554e23151c152/ |
264 KB 88 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
default+de.css
www.google.com/cse/static/element/921554e23151c152/ |
41 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
default.css
www.google.com/cse/static/style/look/v4/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
BKDmpUpdate.action
sit28.online.citi.com/US/DMP/ |
3 KB 2 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
banner
sit.api.citi.com/gcgapi/dev1/api/v1/marketing/offers/ |
5 KB 5 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H/1.1 |
banner
sit.api.citi.com/gcgapi/dev1/api/v1/marketing/offers/ Frame |
0 0 |
Other
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
json
citicorpcreditservic.tt.omtrdc.net/m2/citicorpcreditservic/mbox/ |
537 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
www-widgetapi.js
www.youtube.com/s/player/6dde7fb4/www-widgetapi.vflset/ |
100 KB 37 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
TMXProfile.jws
sit28.online.citi.com/US/REST/ManageTMXProfile/ |
264 B 691 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tags.js
content22.online.citi.com/fp/ |
49 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
425466.html
sr.rlcdn.com/ Frame BF3D |
0 0 |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1560.js
cdn.pbbl.co/r/ |
32 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tc.min.js
c1.rfihub.net/js/ |
20 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
362358.gif
idsync.rlcdn.com/ Redirect Chain
|
42 B 306 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
generic1607367903228.js
resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/ |
333 KB 62 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cls_report
uat.report.nacustomerexperience.citi.com/glassbox/reporting/ |
0 654 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
check.js;CIS3SID=A197A1C5E1AB238651FC959BF32C0131
content22.online.citi.com/fp/ Frame 215E |
175 KB 44 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame 215E |
81 B 475 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame 215E |
81 B 475 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
63068
stags.bluekai.com/site/ Frame 5807 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cr.png
contents3.00110.citi.com/api/v1/ |
4 B 403 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
check.js;CIS3SID=0827EA2D02A29A1D4E5286E6041CC688
content22.online.citi.com/fp/ Frame 9846 |
175 KB 44 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame 9846 |
81 B 474 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame 9846 |
81 B 474 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame 215E |
81 B 537 B |
XHR
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ls_fp.html;CIS3SID=A197A1C5E1AB238651FC959BF32C0131
content22.online.citi.com/fp/ Frame 6111 |
48 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame 215E |
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sid_fp.html;CIS3SID=A197A1C5E1AB238651FC959BF32C0131
h.online-metrix.net/fp/ Frame A65D |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame 215E |
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
page_embed_script.js
ghbmnnjooekpmoecnnnilnnbdlolhkhi/ Frame 215E |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
top_fp.html;CIS3SID=A197A1C5E1AB238651FC959BF32C0131
content22.online.citi.com/fp/ Frame 2AF4 |
47 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame 215E |
0 218 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
89oebq5k3jtig7e4itgrm7duyg7lslnmgzq23ot3f3a5dd41736827b4am1.e.aa.online-metrix.net/fp/ Frame 215E |
81 B 438 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cool-2.1.15.min.js
nebula-cdn.kampyle.com/resources/onsite/js/ |
14 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H/1.1 |
metrics
dit.api.citi.com/gcgapi/uat3/public/v1/digital/reporting/ Frame |
0 0 |
Other
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
HP2.0_Multi-Card_Hero_Card_Background.jpg
sit28.online.citi.com/JRS/banners/hero_background/ |
53 KB 54 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
HP_Hero_LazyLoad.jpg
sit28.online.citi.com/JRS/banners/modules/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
arrow-btn-next-blue-sm-bold.svg
sit28.online.citi.com/CBOL/common/ui/ddl/theme/latest/images/icons/svgs/arrows/ |
918 B 769 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Citi-Branding-Sprite.png
sit28.online.citi.com/GFC/branding/img/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
appStore_1px.png
sit28.online.citi.com/GFC/branding/responsivebranding/img/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
googlePlay_1px.png
sit28.online.citi.com/GFC/branding/responsivebranding/img/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
arrow-btn-next-white-sm-bold.svg
sit28.online.citi.com/CBOL/common/ui/ddl/theme/latest/images/icons/svgs/arrows/ |
918 B 766 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
oo_icon_retina.gif
sit28.online.citi.com/GFC/branding/olab/images/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST |
metrics
dit.api.citi.com/gcgapi/uat3/public/v1/digital/reporting/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
450x285-citi-cluster.png
sit28.online.citi.com/JRS/banners/card_art/ |
59 KB 59 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
HP_Hero_LazyLoad_1120x630.jpg
sit28.online.citi.com/JRS/banners/modules/ |
12 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
HP358_M1.jpg
sit28.online.citi.com/JRS/banners/modules/ |
93 KB 94 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
HP417_M.jpg
sit28.online.citi.com/JRS/banners/modules/ |
92 KB 92 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
M1-M7_DoubleCash.jpg
sit28.online.citi.com/JRS/banners/modules/ |
31 KB 32 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
HP5904_M.jpg
sit28.online.citi.com/JRS/banners/modules/ |
98 KB 99 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pp.html
cdn.pbbl.co/i/ Frame D5DA |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame 215E |
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame 9846 |
81 B 536 B |
XHR
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ls_fp.html;CIS3SID=0827EA2D02A29A1D4E5286E6041CC688
content22.online.citi.com/fp/ Frame FD2C |
48 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame 9846 |
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sid_fp.html;CIS3SID=0827EA2D02A29A1D4E5286E6041CC688
h.online-metrix.net/fp/ Frame CBAC |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame 9846 |
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
page_embed_script.js
ghbmnnjooekpmoecnnnilnnbdlolhkhi/ Frame 9846 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
top_fp.html;CIS3SID=0827EA2D02A29A1D4E5286E6041CC688
content22.online.citi.com/fp/ Frame 21DE |
47 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame 9846 |
0 218 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
89oebq5kyijwkpflh2naqdvut5avjqgx7qrwwgk564fb6732c487b4f3am1.e.aa.online-metrix.net/fp/ Frame 9846 |
81 B 438 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ |
0 318 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame 6111 |
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame FD2C |
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear1.png;CIS3SID=A197A1C5E1AB238651FC959BF32C0131
content22.online.citi.com/fp/ Frame 215E |
0 386 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear1.png;CIS3SID=0827EA2D02A29A1D4E5286E6041CC688
content22.online.citi.com/fp/ Frame 9846 |
0 386 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adadvisor.gif
px0.pbbl.co/ Redirect Chain
|
42 B 132 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame 215E |
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame 9846 |
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
cls_report
uat.report.nacustomerexperience.citi.com/glassbox/reporting/ |
2 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
cls_report
uat.report.nacustomerexperience.citi.com/glassbox/reporting/ |
2 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
cls_report
uat.report.nacustomerexperience.citi.com/glassbox/reporting/ |
0 394 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- api.rlcdn.com
- URL
- https://api.rlcdn.com/api/identity?pid=1&rt=idl
- Domain
- stags.bluekai.com
- URL
- https://stags.bluekai.com/site/19469?ret=js
- Domain
- ghbmnnjooekpmoecnnnilnnbdlolhkhi
- URL
- chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js
- Domain
- dit.api.citi.com
- URL
- https://dit.api.citi.com/gcgapi/uat3/public/v1/digital/reporting/metrics
- Domain
- ghbmnnjooekpmoecnnnilnnbdlolhkhi
- URL
- chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js
Verdicts & Comments Add Verdict or Comment
506 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| _trackAnalytics object| _dl undefined| copyNextSource object| configs object| taggingDataLayer string| module string| lang string| searchEnable string| userRole string| visitor boolean| isLoggedin string| _j object| citiData string| pageDef string| _server string| _site string| pageName boolean| isLEChatDisable string| _locale string| _f function| $ function| jQuery object| jQuery19109001261123132629 object| respond object| ensBootstraps object| Bootstrapper function| Visitor object| s_c_il number| s_c_in object| adobe_visitor function| targetPageParams object| adobe object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate string| isPeOfferSSIServiceFlag string| peOfferServiceThrottleValue string| liveRampUrl_NGA boolean| liveRampFeatureOct18 string| liveRampUrl_CSI_Oct18 string| liveRampUrl_SSI_Oct18 string| liveRampUrl_newApi_Oct18 string| liveRampTimeout_newApi_Oct18 object| liveRampStatus string| idl object| vendorData object| liveRampParseTempArray object| liveRampMessage object| liveRampIndicator function| prepareLiveRampUrl function| triggerLiveRamp function| validateLiveRampResponse function| parseLiveRampResponse function| updateLiveRampStatus string| aosDomain boolean| peOfferServiceThrottle string| bcCookieName string| bcsid function| setBCCookie function| getBCCookie object| cdApi function| getParentLocation function| isSelfLoc function| isXFSWhiteListed string| parentLocation boolean| XFSWhitelisted string| domainName string| JFP_CSRF_TOKEN object| OBJ_JFP_CSRF_TOKEN boolean| isCSRFAutomationEnabled function| isValidDomain function| isValidUrl function| addExtraField function| D7X7eHgXk85 function| hQqDVoDqhboAll0 function| gzjpDiikDW1We object| httpStatus string| topDM string| message boolean| flagvalue number| signonInitialHeight undefined| signonModalHeight boolean| signonBlock function| populateEFDParams function| populateClientData function| submitRSADevicePrint function| submitmobilegeolocation function| doSubmit function| signOnUnamePwdError function| clearFieldErrorValidation function| onSelectUser function| insertAfter function| mask function| focusOn function| blurOn function| doMask function| OpenInNewTab function| displayLable function| launchPopup function| tv function| initMLC function| displayServerName function| isTestDomain function| getCookie function| setCookie function| calLinkCharLength function| truncateOtherAlert function| truncateBrowserAlert function| passTmplObj function| closeAlertBox function| showFullMsg function| hideFullMsg function| truncateMsg function| showAlerts function| hideAlerts function| handleOutageAlert function| handleSignonLink function| adjustHeroHeight function| adjustHeroOnRotation function| Hashtable function| startsWith function| DomDataCollection function| IE_FingerPrint function| Mozilla_FingerPrint function| Opera_FingerPrint function| Timer function| getRandomPort object| ProxyCollector function| BlackberryLocationCollector function| detectFields string| SEP string| PAIR string| DEV function| FingerPrint function| urlEncode function| encode_deviceprint function| decode_deviceprint function| post_deviceprint function| post_fingerprints function| add_deviceprint function| form_add_data function| form_add_deviceprint string| HTML5 string| BLACKBERRY string| UNDEFINED string| GEO_LOCATION_DEFAULT_STRUCT object| geoLocator boolean| geoLocatorStatus function| detectDeviceCollectionAPIMode function| init function| startCollection function| stopCollection function| getGeolocationStruct function| HTML5LocationCollector object| UIEventCollector function| UIEvent function| InteractionElement function| UIElementList function| activeXDetect function| stripIllegalChars function| stripFullPath object| BrowserDetect function| convertTimestampToGMT function| getTimestampInMillis function| debug function| forceIE89Synchronicity function| getRequestParams string| tmx_sessionid string| tmxOrgId string| JSLink object| JSElement string| test boolean| defaultOffersActive object| RFObject string| language boolean| isAggregator function| ngaKA string| counter string| loginExp object| jsonContent object| offerPlacements boolean| epTurnedOff boolean| isPELocale object| PRConfig undefined| PRcallback function| reviewsClicked function| prConnection function| setReview_banner function| fetchPRReviews string| isTaggingTransformationSet string| isCallBkOnpageloadFallBackFlag object| taggingDlArr object| OSResponse string| RFResponse string| CMSStatus object| moduleArr object| contentIdArr object| resPlKeys object| offerlistArr object| rfPlacementsArr boolean| isMobile boolean| RFthrottle string| userType string| GPOLUrl string| acxiomTimeout string| cmsCallTimeout string| CUUIDUpdated boolean| bkEnabled string| bluekaiUrl string| aoUrl string| mktUrl string| updateDmpTimeout string| ecmCampaign object| ecmNames string| loginbkTimeout string| subChannel string| RFUrl string| rfCallTimeout boolean| PEAugustFallback boolean| PESeptFallback string| clientIpAddress string| osUrl string| osTimeout string| osClientId string| osScope string| peOfferSSIFlowCookie boolean| peOctFallback boolean| peNovFallback undefined| callCMSServiceRFDecision string| cmsBannerServiceDomain string| cmsBannerServiceTimeout string| cmsBannerServiceScope string| cmsBannerServiceClientId string| locale_PE boolean| peBluekaiMobileIntgFlag string| metricsCaptureUrl string| metricsCaptureClientId string| metricsCaptureScope string| metricsCaptureTimeout object| clientMetricsStatus object| metricsCaptureArray object| clientMetricsRequestKeys boolean| peClientMetricsFlag boolean| august2018FeaturesSwitch object| defaultContentIdArray object| bannerTrackingJSON boolean| bannerTrackingDefaultOffers boolean| peUrlMaskingFeature object| OSRawResponse object| schshArray object| sourceCodeBrandArr string| clearExp string| expCookieValue undefined| exdate undefined| cookie_value boolean| clearExpCookie string| immediateReferrer boolean| isJavaEnabled string| screenResolution object| peworkflow object| commonUtils object| peintg boolean| signonLock undefined| detachedRemChkBoxDesktop undefined| detachedRemChkBoxMobile string| maskedPlaceHolder string| signOffMessageValue string| uidInputField string| contextPath object| alerts function| deleteSignOffCookie function| removeSignonLock function| checkTMXProfiling object| KAMPYLE_EMBED function| bk_async object| dataLayer function| gtag function| aosRFServerIntg object| aostempintg function| mobileBadgeClick function| desktopBadgeClick object| dropdownData object| OOo function| commaSeperatedList function| arraysEqual object| CM function| onYouTubeIframeAPIReady boolean| iOS string| titleAttr function| hasClass function| setSearchBarLabel function| changeViewport function| setPageTimeout function| delayPageTimeout function| resetPageTimeout function| sessionRecovery function| callSessionCheck function| sessionCheckReturn function| beforeYouGo function| getBrandingData function| getFinalURL function| lnk function| isSubappBusy function| confirmGo function| ConfirmGo function| myFunction function| closeActiveFlyoutMenu function| hideSearchBar object| globalNavigation function| gssCallback object| requestURL object| params undefined| element undefined| h1Element undefined| fullSearchURL undefined| newElement function| gsearch2 function| scEventL function| scEvent boolean| flag function| gsearch function| searchComplete function| renderSearchControls object| pageTimer object| delayTimer undefined| branding_sc_p3 string| displayPhrase string| displayPhrase2 undefined| subMenuMargin object| year function| getParameterByName object| ids_menu object| ids_hasdrop object| ids_dropbtn function| mobileDropdown function| mobileSubDropdown function| hideMobileDrop function| getSpanishHref function| showSpanishDisclaimer function| closeSpanishDisclaimer function| redirectToSpanishPage function| getEnglishHref function| redirectToEnglishPage object| __gcse object| $desktopSearchWrap object| $desktopSearchBar object| $desktopSearchBtn object| CitiSearchConfig object| CitiSearch function| NexusPlatformDelegateToCBOL function| NexusPlatformChatEscalationCBOL function| nullCheck function| firstCobrowseOverlay function| hideOverlay function| cobrowseOverlay function| showAlert function| requestCobrowse function| $autocomplete function| disableAutocomplete object| bkintg object| cmstmplintg object| val function| AppMeasurement number| s_objectID number| s_giq string| rsidAry object| s_tms function| asyncpost_deviceprint string| sXR5Lm1mXWSZcy1OZkmxb string| s21oVTUsTWR9ISb7Ggc string| Mfy1huGFh2TIldVIoc2 string| migratedAlert object| v function| _focusFirstHeader function| _focusPreviousHeader function| _focusNextHeader object| _cls_config object| _detector undefined| optimizely object| google_tag_manager object| google_tag_data string| sName function| s_getLoadTime function| s_gi function| s_pgicq function| c_r function| c_rspers function| c_w object| s number| s_loadT object| td_4U boolean| tmx_profiling_started function| tmx_post_session_params_fixed function| tmx_run_page_fingerprinting object| td_4z object| tags object| BKTAG function| bk_addUserCtx function| bk_addPageCtx function| bk_addEmailHash function| bk_addPhoneHash function| bk_doJSTag function| bk_doJSTag2 function| bk_doCarsJSTag function| bk_doPartnerAltTag function| bk_doCallbackTag function| bk_doCallbackTagWithTimeOut boolean| bk_use_multiple_iframes boolean| bk_allow_multiple_calls string| scriptUrl object| YT object| YTConfig function| onYTReady function| $CitiSearch function| StringBuffer object| Base64 function| Utf8EncodeEnumerator function| Base64DecodeEnumerator function| _ object| Handlebars object| CitiSearchService object| nexusPlatformChatEscalationCBOL function| CitiSearchDelegate object| CitiSmartSearchTmpl object| nexusPlatformDelegateToCBOL object| CitiSearchJSVar string| contentFetchFromDB boolean| bodySearchCall object| CitiLiveSearchController undefined| CitiFullSearchController object| google object| closure_lm_208358 object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| _pp undefined| CCSID undefined| citiLocale boolean| citiNGA string| pageID boolean| yetToRunBannerTrack function| _rfi object| ttMETA function| ttMBX object| td_2A object| td_0K function| extend function| RocketfuelBCPInclude function| RocketfuelBCPClass function| RocketfuelUtils object| RocketfuelBCP object| MDIGITAL object| KAMPYLE_CONSTANT object| KAMPYLE_FUNC object| KAMPYLE_DATA object| KAMPYLE_TARGETING object| KAMPYLE_ANIMATION object| KAMPYLE_VIEW object| KAMPYLE_MESSAGE object| KAMPYLE_UTILS object| KAMPYLE_EVENT_DISPATCHER object| KAMPYLE_COOLADATA object| KAMPYLE_COMMON object| KAMPYLE_THERMO_TEALEAF_FUNC object| KAMPYLE_ADOBE_ANALYTICS object| KAMPYLE_CLICKTALE_FUNC object| KAMPYLE_SESSIONCAM object| KAMPYLE_ONSITE_SDK undefined| KAMPYLE_POLYFILLS object| KAMPYLE_INTEGRATION object| cooladata boolean| callBannerCMS object| metrics_ReqParams function| setImmediate function| clearImmediate object| _prev_dl25 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .citi.com/ | Name: tmx_digitalApptype Value: PC_BROWSER |
|
| .citi.com/ | Name: tmx_sessionid Value: 6b723e63a48a9cb9d614b485d187d8132c6e0710f1c26393641e10ee416eaed0 |
|
| .citi.com/ | Name: s_ecid Value: MCMID%7C67735220017505528052778354225357777172 |
|
| .citi.com/ | Name: second_tmx_sessionid Value: 8dbde57ce7db61e323625cb8d448c36730c563c2c78069e7e01cdd0f80ad2d0a |
|
| .citi.com/ | Name: check Value: true |
|
| .citi.com/ | Name: _gcl_au Value: 1.1.653673374.1607589067 |
|
| sit28.online.citi.com/ | Name: 7830 Value: error |
|
| sit28.online.citi.com/ | Name: count Value: 1 |
|
| .citi.com/ | Name: BKDMP Value: |
|
| .citi.com/ | Name: AMCVS_61834D9B5228A7430A490D45%40AdobeOrg Value: 1 |
|
| .citi.com/ | Name: _cls_v Value: 5d778236-60f4-4c81-a693-99709fe175e1 |
|
| sit28.online.citi.com/ | Name: 7018 Value: |
|
| .demdex.net/ | Name: demdex Value: 63151642231518190783399417597215494327 |
|
| sit28.online.citi.com/ | Name: JSESSIONID Value: 0000107--vfDQIq5hdeFPgTHuaA:1ei8ppcrr |
|
| .citi.com/ | Name: experience Value: Uncookied |
|
| .citi.com/ | Name: AMCV_61834D9B5228A7430A490D45%40AdobeOrg Value: -330454231%7CMCIDTS%7C18607%7CMCMID%7C67735220017505528052778354225357777172%7CMCAAMLH-1608193867%7C6%7CMCAAMB-1608193867%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1607596267s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18614%7CvVersion%7C3.1.2 |
|
| .sit28.online.citi.com/ | Name: popSplit Value: 79 |
|
| .citi.com/ | Name: cdSNum Value: 1607589067329-sjn0000088-565e9cac-372a-4e50-9b61-72f8018cb55b |
|
| .citi.com/ | Name: mbox Value: session#ff6bf5d277ac4a7f9d524179ae64a596#1607590927 |
|
| .citi.com/ | Name: bmuid Value: 1607589066880-F8D7FD22-EB83-4018-B9A8-07797AC29F3F |
|
| .citi.com/ | Name: bcsid Value: AABBC271CE126BEB3CD024950666D22 |
|
| sit28.online.citi.com/ | Name: 64072 Value: |
|
| .citi.com/ | Name: _cls_s Value: 97a94295-4bab-4bbd-9670-e0059c6e4720:0 |
|
| .citi.com/ | Name: cdContextId Value: 2 |
|
| .sit28.online.citi.com/ | Name: AOSDMPRF Value: |
27 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
20822230p.rfihub.com
89oebq5k3jtig7e4itgrm7duyg7lslnmgzq23ot3f3a5dd41736827b4am1.e.aa.online-metrix.net
89oebq5kyijwkpflh2naqdvut5avjqgx7qrwwgk564fb6732c487b4f3am1.e.aa.online-metrix.net
aa.agkn.com
api.rlcdn.com
c1.rfihub.net
cdn.pbbl.co
citi.demdex.net
citicorpcreditservic.tt.omtrdc.net
cm.everesttech.net
cm.g.doubleclick.net
content22.online.citi.com
contents3.00110.citi.com
cse.google.com
di.rlcdn.com
dit.api.citi.com
dpm.demdex.net
ghbmnnjooekpmoecnnnilnnbdlolhkhi
h.online-metrix.net
idsync.rlcdn.com
live.rezync.com
metrics1.citi.com
nebula-cdn.kampyle.com
nexus.ensighten.com
p.rfihub.com
px0.pbbl.co
resources.digital-cloud-citi.medallia.com
sit.api.citi.com
sit28.online.citi.com
sr.rlcdn.com
stags.bluekai.com
tags.bkrtx.com
uat.report.nacustomerexperience.citi.com
udc-neb.kampyle.com
www.google.com
www.googletagmanager.com
www.youtube.com
api.rlcdn.com
dit.api.citi.com
ghbmnnjooekpmoecnnnilnnbdlolhkhi
stags.bluekai.com
104.111.224.160
104.70.85.47
15.237.136.106
151.101.13.175
151.101.194.133
18.197.253.20
184.24.24.167
184.24.31.116
192.193.179.250
193.0.160.128
216.58.205.226
23.36.236.158
2a00:1450:4001:802::2004
2a00:1450:4001:808::200e
2a00:1450:4001:809::2013
2a00:1450:4001:817::2008
2a00:1450:4001:81c::2002
2a00:1450:4001:821::200e
34.120.207.148
35.176.206.104
35.241.45.82
35.244.245.222
52.141.218.213
52.49.47.228
54.171.42.33
54.194.111.119
65.9.68.16
65.9.68.18
91.235.132.130
91.235.133.67
91.235.134.131
03c736ca1c90e26743865ed80c9766f84ca237b0dc572fab630737aaef70d171
051b18ffc03e4adc771ab9efa6549b8d28074acd494045ab628a324ebf00ce30
0611a971171f2b9c9a2a796510b0807ba2dfa83d5b9f15d94afde7d34e34d0ff
0687c7a91cacee8aea130fc1b7c12cbad408699e8ec5a7a66512d1b6a33e5fe8
11ac145737a925a48afd9bd6008a69b63e49b50db961afd4141cd629e49d952b
157430093a6d2ee63082eae5dabf826926d3b6259d33482aa6713c48728e82fa
1cc4ec61057f30cea6d47126e0444f119b2606720b1fe8d7e0deff1f5742a82b
1eca9df8707c8459e9c4c9b9a6e5528318e890c842f7fc10305b738077da277b
1ece35315243514f99621c7e9d33ac4240777a419384a37b50b3b7cbcbeb4226
1f2a0e7aa3dabf73dae3cc7c1e53a70ec51145b39b027bdc1ecae9223c0c80d2
227ab422f0cfc500345d01d15673081d7ebd331839561d10edec96a98c459a13
242cb1fe2274ec738de60067a2c54568126e01792e55d2db82f8cfb48cbb4f24
261eccefbcd7f83bc8760ca4a599af1f1f0330b3762b9cd44bd1e44212747021
2780cafe6147607eae59e29013666c4bd593a3a6605abc0afb2d1e5c51eb6f52
2c65cdc8fed4d04ccebbd8a065b8a6e16a6503060507c5140cb60350b0c2f480
3005a0e4b784812d0f1d592ff1c953a93507f4741430423a48d9293b6befaf45
359a00b9518a4295a70361f526a7d69cf7dc40099a5ff361a5fbf8c0ee034e0c
3b31fdbecf66b879fb4616d100b270d12c9dd6fccb055b54acfdeb90fd4880f0
3b937262381be3786c1ee9b1a8e59b0ac400f70f88d8cffb42d9ed75df8b18b5
3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1
3fca3de24621f0f10186594054444d608016297c2e853e548710b3521e42a609
40f2d3730f4b449e9b8ae1024ec389d1fafeb98c0cf7807a0ff295ff1d0a8a96
477c729b3bcc07eb2cfed6097c28809a9e4f6a8a6c798623aa7b122c860425b3
4999a8bcfc1f9fd95a0c4e42cfbac1abdf5a6c9e26734abbe4bc157b8c2b49ab
4f918cd256712c03a1b88007176cabf623cc63740e919d35a217c18dc7ebe607
52541e17b026b0a2a1edefe177cdd7597acf5ca74c519799809fe9f38402157b
55e066703c69d4d89a1f4d66794d474aa93d710624d8f807096bac17a7867b17
568017747a5516a2d4b12ec1ab3450085504593beb34d270e78cdd57bcfd3c68
60a5a3a7dff4237e7753e5fdf0848006a08006e8d23f095236a11985c2857806
629b48196dcc270143a42ce57535b251c655617f8d510277d4a05306c426fd38
690146b8ff7699810daa66f43ce7d006f74a143dea4a27bb0cb9c054dddadeee
6ad63a78e1134cf9fdb6fa9d72f2f73dcfbd75ddce5bf7eee4492d5d3569b853
6d3001c9deac8cb1f88ea5254105f8d678de5532f1998a24eab1b59906eaf86b
6f18f3c5599a6fdc889defc04f94767b69b1723d011a7741c865e993bfdf186a
6f3649e19993fee191ac81abe9c6c74f6714d9fd19ccd3a0cce2f31835018e10
701d2f9f02741b8429f4fb892b2b48c34a8a0f9189cb09013b2799031f22e484
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
75716309eda6c8f4dd370de69d119cfefb5b14750937a5cc11e17d356b9d006f
771c92ecc9167287111bc793f6392bfb0dc8a51a830b497f7591e6d3493fc1fc
78af61897fafb5a82b787273472a93de723186b17f46ed315617c70ae2b6a6fe
78f40ad614a49c16d1165727f869ea12d16e9ded8ce1e1e270db81265a37e9ee
793c2f3d02d0bc3ad8a2cdc901b2134159b66245e951ac258fee1ac8b2709f44
7cb24e06c00e47bb6bc6c38b935d6bc62817f656703387e4fb7591add96c7454
7d481eb36581746fd3662c7c452856b695df90cdce24664c48f565aa119c8b16
7e02953e78d6e85e00953792b405bebfa5401cbea771c82395caf6b48e9bb94b
85b7e6fe4b942371262712ca207e3c335e7d701609a855f3ff701c222e2304c2
8f0820bd458393ef52ee331c7cb0a3a3ecd43a6b2421688a823cfdbbd544fd86
906e01c103264c21a4fe398f2fcd40503295de56a1828f1a8a16b41984cd48c6
907aee42d56de6a0d8b9a5f57b9a05cf82615070758ac66fdc7db8a4ba45ffda
92861ebb7d832a714480a5b33cd9f11b2587406e5728d010a8ff7285d9c511be
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
96da0123b20dbb462de8c21f88530a8f14d5922f1ebf4c28d7fea0942d33f14b
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9dad502247a8488c21ef5beb32aed1a78b17b748711bec817c472911f76b4ead
9e113faa2bafe61fffc5c70dd97c0483e87b282334ef4584e426af2fe56ddf68
a3804b9b025bbd0f9cd89ab9b2fcda700a7421a93be50f3a8e7ea14af86720e3
a72be177574ad3363fc055c331c24b634c43f606462d03d8be3a1f5bb4778cc4
a7ae41a05d0cea63af283870957f8e17a215b00ba9fb3c09e24686704e6dc38f
a9623118fb6ec3944d1312cd0d492c3f32455e89bc1e01eafa67628a309d9c60
af8e9af9c678184a1486e48c255645d87ce6df6fa5f813fd0052b9bfc6e1f16e
afdc09ccfcdfa0f5acb1fa5fd430756474569d5be23f168ef2fe98a5155bc954
b37e15092a7d6be3576e72fc12896b023c212bb5f93436dc5671352d7b4d212b
b551c2f92d7508ed8f5947ed69f711c2d50b23b59d9b7ae5813807b250e5ff19
b5b99c97960d130c44fad1acc54bba0644286e0fd6d3899e3027392ab7de9cc8
c372a2f596024b3ab9c9e7ac632185260868693e30e0223eb983e5ae897ae48a
c3bc8b7b32a39eae284845b1ce60e9c2278ad5108372dc00ad78b4b8ba132061
c3c994c3fe9bd4e055f6d0eb42067ecd6bdd3247e136bc22835b9882cfe77c61
c41553f453a21f0915295f78809ce69da17214300e920d54a64eacf9faef58ac
c4d822793b2eab5f9bf345ce530487844b1aeaca83f5fd906f2e9987f6842028
c770e459d9988f611c466be1c6a650c3247f8521b536c1c2897c390f7f25e5bb
cb2bb21705b9cce9781d02c9223f3344a65bd5314027d11c5a8518ad4bd84e84
cef441f581efb902b02e6b1f31a97c6f0e6ed1f3f9f92438eec4a0edadd460dc
d57c8034f9c12aa3ce626c9ed1d61a4bb0941c3ef320bb59346f20496fb0096a
d71b39784664cbc1e6905bd0c99918d0452ddf5ebf78f19e1721f4ba125e0d57
d71c849b54fd711c451edb2963b8e949fb8a0e40bc45b56a4050a42327757f74
dc5ba306fece552e3a002c8e18fa392c85acfa61091e1b98496b745f8ace6876
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
ddfc50334e444d16f275b7a81eb09c83ddd05bf00a3d47bef2d878671244f2f4
e18c28c95bea1af6b2187c6a35eb651dccabfb2212e529b6edd4a2e2f4c39ea8
e379e6edef6bdf6eff1b92776e6e3c6b6963844c918931167f320fb5a0d8b823
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5168b3d0c8f929a1b8c4c1b4e4ebac60ee0e1ecfd759aeb4be4c2b15e3fc097
e65ab34ce9fc581b33eb9da02d0c3b0e5c24506a5431044ec02a48e102a0af02
e68fb2c6b131cabefa4b5d36bb1dead66c7984c4bed688246c4ab7324b0c064d
e90fb0eba512ed6473f6fb8acf4cd09b38732f150f43c396246c12bb2aacbb67
e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7
ed48ae9c1a324d49404d9fb4c508b880ca97a65f8fd21d352e241d1e4dfc50e2
eec5cc477e7cb4f1eee1f26dce3eb411a63716d89a9b659c7d5559571c837ccb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef91e605967757053339cb7dbcc03a26c48a6de344cff0e23ab2a9725e137296
f1821b3865a1008ba0c088f7dc5c7eeb6b81e414461885c40b8d0f48fcbc9341
f207b397d93fb6f503a0a5d26e6769f08676aaee906904906c021f66b2f6954d
f2adfd83f8e9c7f3b092921eb5a59d4463041b2be8386a17ec7ac29d8d588470
f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296
f35167f960fb0ce996db66bdfc5723771a4acc8e7206b282e7dfaa8c2ca81e3b
f412fabe1bf3c2919c2546d83499d3753879895a76489d491f780ed8e7a00551
f44e4692a52b6a382cb481e23f8bcb9a6d4c24eec8aa60143c7e2ca3a85758b2
fa6dbce6111b314c69e214bc7cb0ae22a27d56286a9227b9d94732209c7a242b
fd14ed2cf2a44da8d0e4a90d0b634618c0b2beaf67ed2b5e455f8708bd005d74
fdaf50ba7dfdf74a600dbb9a28a4ebfc536486d8f1e23296d7dfb33d843e1c3b