www1.citibank.com.au Open in urlscan Pro
96.16.137.98 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://citibank.payment-alert.app/
Effective URL:
https://www1.citibank.com.au/
Submission: On April 07 via automatic, source rescanner (April 7th 2022, 3:02:23 pm UTC) — Scanned from DE

Summary HTTP 75 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 35 IPs in 6 countries across 28 domains to perform 75 HTTP transactions. The main IP is 96.16.137.98, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www1.citibank.com.au.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on February 11th 2022. Valid for: a year.

This is the only time www1.citibank.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	35.226.132.161 35.226.132.161	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
9	96.16.137.98 96.16.137.98	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a02:26f0:350... 2a02:26f0:3500:798::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	2a02:26f0:6c0... 2a02:26f0:6c00:282::2928	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a02:26f0:170... 2a02:26f0:1700:595::44b5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 5	34.246.220.204 34.246.220.204	16509 (AMAZON-02) (AMAZON-02)
2	15.236.176.210 15.236.176.210	16509 (AMAZON-02) (AMAZON-02)
1 1	54.75.68.230 54.75.68.230	16509 (AMAZON-02) (AMAZON-02)
1	54.195.123.189 54.195.123.189	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2b9::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.213.251.128 52.213.251.128	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	52.215.248.120 52.215.248.120	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	209.197.3.19 209.197.3.19	20446 (STACKPATH...) (STACKPATH-CDN)
1	96.16.147.243 96.16.147.243	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	54.171.119.76 54.171.119.76	() ()
8 9	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:fb:... 2a02:26f0:fb:188::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2 2	52.50.215.59 52.50.215.59	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	23.35.228.247 23.35.228.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	185.33.220.216 185.33.220.216	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
75	35

3 35.226.132.161 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 161.132.226.35.bc.googleusercontent.com

citibank.payment-alert.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7daf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 96.16.137.98 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-137-98.deploy.static.akamaitechnologies.com

www1.citibank.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
marketingportal.citibank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:798::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:26f0:6c00:282::2928 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.cdn.citibank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:1700:595::44b5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

marketingportal.citibank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.246.220.204 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-220-204.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

smetrics.citibank.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.75.68.230 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-68-230.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.195.123.189 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-123-189.eu-west-1.compute.amazonaws.com

citiau.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2b9::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.213.251.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-251-128.eu-west-1.compute.amazonaws.com

citiau.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.248.120 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-248-120.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.197.3.19 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: vip0x013.map2.ssl.hwcdn.net

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.16.147.243 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-147-243.deploy.static.akamaitechnologies.com

www.everestjs.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.119.76 (None, )

ASN- ()

d9.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.66.49 (United States) 8 redirects

ASN54113 (FASTLY, US)

lasteventf-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:fb:188::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.50.215.59 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-215-59.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.228.247 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-247.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.216 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	citibank.com marketingportal.citibank.com www.cdn.citibank.com — Cisco Umbrella Rank: 846611	1011 KB
11	everesttech.net 9 redirects cm.everesttech.net — Cisco Umbrella Rank: 1009 pixel.everesttech.net — Cisco Umbrella Rank: 3287 lasteventf-tm.everesttech.net — Cisco Umbrella Rank: 6403 sync-tm.everesttech.net — Cisco Umbrella Rank: 576	2 KB
6	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 216 citiau.demdex.net	9 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	343 KB
5	google.com www.google.com — Cisco Umbrella Rank: 4	41 KB
4	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 491	164 KB
3	flashtalking.com servedby.flashtalking.com — Cisco Umbrella Rank: 727 d9.flashtalking.com	10 KB
3	citibank.com.au www1.citibank.com.au smetrics.citibank.com.au	55 KB
3	payment-alert.app citibank.payment-alert.app	1 MB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 531	1 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 248	2 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 575	2 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 662	584 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 cm.g.doubleclick.net — Cisco Umbrella Rank: 211	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	368 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 138	37 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1272 c.go-mpulse.net — Cisco Umbrella Rank: 558	51 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 897	7 KB
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 898	545 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 411	274 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 350	239 B
1	google.de www.google.de — Cisco Umbrella Rank: 5383	548 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 234	539 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 104	15 KB
1	everestjs.net www.everestjs.net — Cisco Umbrella Rank: 6034	3 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	41 KB
1	omtrdc.net citiau.tt.omtrdc.net	592 B
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 682	22 KB
75	28

	Domain	Requested by
13	marketingportal.citibank.com	www1.citibank.com.au marketingportal.citibank.com
9	www.cdn.citibank.com	www1.citibank.com.au
8	sync-tm.everesttech.net	8 redirects
5	dpm.demdex.net	1 redirects www1.citibank.com.au
5	www.google.com	citibank.payment-alert.app www.gstatic.com www.google.com www1.citibank.com.au
4	assets.adobedtm.com	www1.citibank.com.au assets.adobedtm.com
4	www.gstatic.com	www.google.com www.gstatic.com
3	citibank.payment-alert.app	citibank.payment-alert.app unpkg.com
2	sync.search.spotxchange.com	1 redirects www1.citibank.com.au
2	ib.adnxs.com	1 redirects www1.citibank.com.au
2	dsum-sec.casalemedia.com	1 redirects www1.citibank.com.au
2	sync.crwdcntrl.net	2 redirects
2	www.facebook.com	www1.citibank.com.au
2	servedby.flashtalking.com	citibank.payment-alert.app servedby.flashtalking.com
2	connect.facebook.net	citibank.payment-alert.app connect.facebook.net
2	smetrics.citibank.com.au	assets.adobedtm.com
2	fonts.gstatic.com	www.google.com
2	unpkg.com	1 redirects citibank.payment-alert.app
1	image2.pubmatic.com	www1.citibank.com.au
1	us-u.openx.net	www1.citibank.com.au
1	pixel.rubiconproject.com	www1.citibank.com.au
1	cm.g.doubleclick.net	www1.citibank.com.au
1	www.google.de	www1.citibank.com.au
1	googleads.g.doubleclick.net	www.googleadservices.com
1	c.go-mpulse.net	s.go-mpulse.net
1	c.bing.com	1 redirects
1	lasteventf-tm.everesttech.net	www.everestjs.net
1	d9.flashtalking.com	servedby.flashtalking.com d9.flashtalking.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.everestjs.net	assets.adobedtm.com
1	pixel.everesttech.net	citibank.payment-alert.app
1	www.googletagmanager.com	citibank.payment-alert.app
1	citiau.demdex.net	assets.adobedtm.com
1	s.go-mpulse.net	www1.citibank.com.au
1	citiau.tt.omtrdc.net	assets.adobedtm.com
1	cm.everesttech.net	1 redirects
1	www1.citibank.com.au	citibank.payment-alert.app
1	maxcdn.bootstrapcdn.com	citibank.payment-alert.app
75	38

This site contains links to these domains. Also see Links.

Domain
www.citibank.com.au
www.citibankdining.com.au
www.citirewards.com
careers.citigroup.com
www.citigroup.com

Subject Issuer	Validity	Valid
Kubernetes Ingress Controller Fake Certificate Kubernetes Ingress Controller Fake Certificate	`2022-03-30` - `2023-03-30`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
marketingportal.citibank.com DigiCert SHA2 Extended Validation Server CA	`2022-02-11` - `2023-03-10`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-10` - `2022-09-10`	a year	crt.sh
www.cdn.citibank.com DigiCert SHA2 Extended Validation Server CA	`2022-01-27` - `2023-01-30`	a year	crt.sh
smetrics.citibank.com.au DigiCert SHA2 Extended Validation Server CA	`2020-07-10` - `2022-06-05`	2 years	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-11` - `2022-10-12`	a year	crt.sh
akstat.io DigiCert SHA2 Secure Server CA	`2021-06-08` - `2022-06-13`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.tmogul.com Amazon	`2021-07-16` - `2022-08-14`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-14` - `2022-04-14`	3 months	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-02-24`	a year	crt.sh
www.everestjs.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-02` - `2022-09-02`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
tag.device9.com Go Daddy Secure Certificate Authority - G2	`2021-07-19` - `2022-08-20`	a year	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-02-03` - `2023-03-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www1.citibank.com.au/
Frame ID: BBF21AB44920CA4550C0411445D11EC7
Requests: 51 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeetMEUAAAAAPg52qbZeAT1O_Q5H9TcYBv8u8Xz&co=aHR0cHM6Ly9jaXRpYmFuay5wYXltZW50LWFsZXJ0LmFwcDo0NDM.&hl=de&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=3syjr01fzeky
Frame ID: 2B18F88149FB8A65B21C34215F32846D
Requests: 8 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/DPTWG-C2EEJ-DVQHC-M58LJ-HNNNX
Frame ID: 81F14D391A457173DBAABD1173435558
Requests: 2 HTTP requests in this frame

Frame: https://citiau.demdex.net/dest5.html?d_nsid=0
Frame ID: 0DAE5A1C759A77172A2A3B96DA9DDDDF
Requests: 11 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/container/17079;119300;12701;iframe/?U1=&U2=&U3=23306938742529416040679340218749348185&U4=anon&U5=&ft_referrer=https://www1.citibank.com.au/&cb=649557.4906803217
Frame ID: F588B1978A765A6521D37ED7E90DFACC
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Citi Australia

Page URL History Show full URLs

https://citibank.payment-alert.app/ Page URL
https://www1.citibank.com.au/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Axios (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

75
Requests

77 %
HTTPS

43 %
IPv6

28
Domains

38
Subdomains

35
IPs

6
Countries

2928 kB
Transfer

6661 kB
Size

35
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: https://www.citibank.com.au/help
Title: citibank.com.au/help

Search URL Search Domain Scan URL

URL: https://www.citibank.com.au/aus/static/about_citi.htm?intcid=BN-Productpage-meganav-HC-CC
Title: About Us

Search URL Search Domain Scan URL

URL: http://www.citibank.com.au/aus/help/index.htm?intcid=BN-Productpage-meganav-HC-CC
Title: FAQs

Search URL Search Domain Scan URL

URL: https://www.citibank.com.au/global_docs/check_app_status.htm?intcid=Homepage-meganav-CL
Title: Existing Applications

Search URL Search Domain Scan URL

URL: https://www.citibank.com.au/personal-loans/using-your-account/?intcid=Homepage-meganav-CL
Title: Using Your Loan

Search URL Search Domain Scan URL

URL: https://www.citibank.com.au/aus/footer/contact/travel-overseas.htm
Title: Travelling Overseas

Search URL Search Domain Scan URL

URL: https://www.citibank.com.au/aus/banking/estatement.htm
Title: Statement and Notices

Search URL Search Domain Scan URL

URL: https://www.citibank.com.au/global_docs/citibank_demo.htm
Title: Online Banking Videos

Search URL Search Domain Scan URL

URL: https://www.citibank.com.au/citimobile/#home
Title: Citi Mobile® App

Search URL Search Domain Scan URL

URL: https://www.citibank.com.au/aus/banking/mobile-wallets.htm
Title: Mobile Wallets

Search URL Search Domain Scan URL

URL: https://www.citibank.com.au/aus/banking/online-security.htm
Title: Online Security

Search URL Search Domain Scan URL

URL: https://www.citibank.com.au/AUGCB/JSO/signon/DisplayUsernameSignon.do?JFP_TOKEN=GAMDDVJN
Title: Sign On

Search URL Search Domain Scan URL

URL: https://www.citibank.com.au/AUGCB/JSO/signon/DisplayUsernameSignon.do
Title: Sign On to Citibank Online

Search URL Search Domain Scan URL

URL: https://www.citibank.com.au/hardship/
Title: Find out how we can help >

Search URL Search Domain Scan URL

URL: https://www.citibank.com.au/global_docs/check_app_status.htm
Title: Application Status >

Search URL Search Domain Scan URL

URL: https://www.citibank.com.au/AUGCB/JSO/cardAct/ActCardRS.do
Title: Activate your Card >

Search URL Search Domain Scan URL

URL: https://www.citibank.com.au/turnoffpaper/
Title: Switch to eStatements >

Search URL Search Domain Scan URL

URL: https://www.citibank.com.au/global_docs/kana/ContactUsEmail.htm
Title: Email Us

Search URL Search Domain Scan URL

URL: https://www.citibank.com.au/aus/static/about_citi.htm
Title: About us

Search URL Search Domain Scan URL

URL: https://www.citibankdining.com.au/
Title: Citibank Dining Program

Search URL Search Domain Scan URL

URL: https://www.citirewards.com/
Title: Rewards

Search URL Search Domain Scan URL

URL: https://www.citibank.com.au/promotions/
Title: Benefits

Search URL Search Domain Scan URL

URL: http://careers.citigroup.com/Careers/index/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.citibank.com.au/aus/footer/terms_conditions.htm
Title: Website Terms

Search URL Search Domain Scan URL

URL: https://www.citibank.com.au/aus/footer/accessibility_services.htm
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.citibank.com.au/aus/credit_cards/rewards_calc.htm
Title: Rewards Calculator

Search URL Search Domain Scan URL

URL: https://www.citibank.com.au/aus/footer/sitemap.htm?intcid=BN-Productpage-meganav-HC-CC
Title: Sitemap

Search URL Search Domain Scan URL

URL: https://www.citibank.com.au/aus/investments/forex-rates/AUD.htm
Title: Exchange Rates

Search URL Search Domain Scan URL

URL: https://www.citibank.com.au/AUGCB/JSO/reg/SetupRS.do
Title: Register for Online Banking

Search URL Search Domain Scan URL

URL: https://www.citibank.com.au/myoffers/
Title: My Offers

Search URL Search Domain Scan URL

URL: https://www.citibank.com.au/aus/banking/banking_internetbanking.htm
Title: FAQs

Search URL Search Domain Scan URL

URL: https://www.citigroup.com/australia/privacy/
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.citibank.com.au/aus/footer/privacy/privacy-internet.htm
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: http://www.citibank.com.au/aus/investments/financial_services_guides.htm
Title: Financial Services Guide

Search URL Search Domain Scan URL

URL: http://www.citibank.com.au/aus/static/code_banking_practice.htm
Title: Banking Code of Practice

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://citibank.payment-alert.app/ Page URL
https://www1.citibank.com.au/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://unpkg.com/axios/dist/axios.min.js HTTP 302
https://unpkg.com/axios@0.26.1/dist/axios.min.js

Request Chain 32

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9D2361D45DFA6F800A495FEF%40AdobeOrg&d_nsid=0&ts=1649343740712 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9D2361D45DFA6F800A495FEF%40AdobeOrg&d_nsid=0&ts=1649343740712

Request Chain 37

https://cm.everesttech.net/cm/dd?d_uuid=29713855859050583090002729657902310008 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yk78-QAAAEOQbAP0

Request Chain 53

https://c.bing.com/c.gif?uid=29713855859050583090002729657902310008&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=39660AA886AE68481E5F1BD787C569DA

Request Chain 57

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=29713855859050583090002729657902310008?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=29713855859050583090002729657902310008?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=

Request Chain 60

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWs3OC1RQUFBRU9RYkFQMA==

Request Chain 61

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Yk78-QAAAEOQbAP0&expires=90

Request Chain 62

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yk78-QAAAEOQbAP0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yk78-QAAAEOQbAP0&C=1

Request Chain 63

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=Yk78-QAAAEOQbAP0 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYk78-QAAAEOQbAP0

Request Chain 64

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yk78-QAAAEOQbAP0

Request Chain 65

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yk78-QAAAEOQbAP0

Request Chain 66

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yk78-QAAAEOQbAP0&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yk78-QAAAEOQbAP0&img=1&__user_check__=1&sync_id=ba3b09fd-b683-11ec-8f9a-10a0cca80406

Request Chain 67

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yk78-QAAAEOQbAP0&t=2592000&o=0

75 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
citibank.payment-alert.app/ 3 KB
4 KB 856ms
142ms Document
text/html 35.226.132.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://citibank.payment-alert.app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.226.132.161 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

161.132.226.35.bc.googleusercontent.com

Software

Resource Hash

179bd49748ee18f1f18d1559d0b13fad3bd4ba6f47d8a075ccea2a561efb74a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers
cache-control: no-cache
content-length: 3341
content-type: text/html; charset=utf-8
cross-origin-window-policy: deny
date: Thu, 07 Apr 2022 15:02:18 GMT
referer
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 861a746f35268cd935cf5442e4791d5c
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 141 KB
22 KB 167ms
97ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css

Requested by

Host: citibank.payment-alert.app
URL: https://citibank.payment-alert.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://citibank.payment-alert.app/
Origin: https://citibank.payment-alert.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 15:02:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 865
access-control-allow-origin: *
cdn-cachedat: 03/26/2022 19:00:34
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 116ffee99fe750de9b23858bf2d5caa7
cf-ray: 6f83a4bbfe37903d-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
1001 B 339ms
38ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LeetMEUAAAAAPg52qbZeAT1O_Q5H9TcYBv8u8Xz

Requested by

Host: citibank.payment-alert.app
URL: https://citibank.payment-alert.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b4b523e88ce6c4b3f151b6494df6d644a2de9249c793ffcc88a32c4b0523299d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 15:02:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 588
x-xss-protection: 1; mode=block
expires: Thu, 07 Apr 2022 15:02:18 GMT

GET
H2

200

axios.min.js Show response
unpkg.com/axios@0.26.1/dist/
Redirect Chain

https://unpkg.com/axios/dist/axios.min.js
https://unpkg.com/axios@0.26.1/dist/axios.min.js

17 KB
6 KB

40ms
38ms

Script
application/javascript

2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/axios@0.26.1/dist/axios.min.js

Requested by

Host: citibank.payment-alert.app
URL: https://citibank.payment-alert.app/

Protocol

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89290d4672ac1ce466302360408c73c96d10cc7ad67a4a3f972563c88efc1b67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 15:02:18 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2497592
fly-request-id: 01FXQTVX0KCJDVJ8ZMT2JE1S5X-fra
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"457f-zA7QrHnYYTK2xYcjaiN3JvTqWzo"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f83a4bc3b039125-FRA

Redirect headers

date: Thu, 07 Apr 2022 15:02:18 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01G028M5B62QYD8RJD1T2A11RH-fra
server: cloudflare
age: 138
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /axios@0.26.1/dist/axios.min.js
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6f83a4bbfa7e9125-FRA
access-control-allow-origin: *

GET
H2 200 app.bundle-fb6cabc7a3b47b0b32d5a05fa44e8ca7.js Show response
citibank.payment-alert.app/js/ 1 MB
1 MB 130ms
128ms Script
application/javascript 35.226.132.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://citibank.payment-alert.app/js/app.bundle-fb6cabc7a3b47b0b32d5a05fa44e8ca7.js?vsn=d
Requested by: Host: citibank.payment-alert.app
URL: https://citibank.payment-alert.app/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.226.132.161 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 161.132.226.35.bc.googleusercontent.com
Software: /
Resource Hash: c44b188d702a60379c4a1f1187cb5be0424c5aa442b47238fb2f272b0cd9008f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 15:02:18 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1132122
content-type: application/javascript

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/ 362 KB
144 KB 68ms
19ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LeetMEUAAAAAPg52qbZeAT1O_Q5H9TcYBv8u8Xz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dff2681d8f5f16b61b464b599d7c62f61efe496b54a77044145495bc8cad36d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://citibank.payment-alert.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 12:57:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7482
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 146406
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 04:22:14 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Apr 2023 12:57:36 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 2B18 42 KB
22 KB 41ms
39ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeetMEUAAAAAPg52qbZeAT1O_Q5H9TcYBv8u8Xz&co=aHR0cHM6Ly9jaXRpYmFuay5wYXltZW50LWFsZXJ0LmFwcDo0NDM.&hl=de&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=3syjr01fzeky

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7cc6f6d02690e7e57e8de5d32668ea2665596ccb32afdd18bcaea59e8a083d71

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4YtxTSyuojRov5D/Rz7Bnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22000
content-security-policy: script-src 'report-sample' 'nonce-4YtxTSyuojRov5D/Rz7Bnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 07 Apr 2022 15:02:19 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/ Frame 2B18 51 KB
24 KB 45ms
19ms Stylesheet
text/css 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeetMEUAAAAAPg52qbZeAT1O_Q5H9TcYBv8u8Xz&co=aHR0cHM6Ly9jaXRpYmFuay5wYXltZW50LWFsZXJ0LmFwcDo0NDM.&hl=de&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=3syjr01fzeky

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 12:57:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 04:22:14 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Apr 2023 12:57:36 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/ Frame 2B18 362 KB
143 KB 54ms
28ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dff2681d8f5f16b61b464b599d7c62f61efe496b54a77044145495bc8cad36d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 12:57:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 146406
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 04:22:14 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Apr 2023 12:57:36 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 2B18 2 KB
2 KB 19ms
19ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 158551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 12 Apr 2022 18:59:48 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2B18 15 KB
16 KB 68ms
19ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 165338
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 05 Apr 2023 17:06:41 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2B18 15 KB
15 KB 73ms
24ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 14:17:54 GMT
x-content-type-options: nosniff
age: 175465
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 05 Apr 2023 14:17:54 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 2B18 102 B
134 B 33ms
33ms Other
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=gZWLhEUEJFxEhoT5hpjn2xHK

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

51540e98209e949f0a7f01c1332f6bf5dfe526adeaabe2705f42184d721f90b1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeetMEUAAAAAPg52qbZeAT1O_Q5H9TcYBv8u8Xz&co=aHR0cHM6Ly9jaXRpYmFuay5wYXltZW50LWFsZXJ0LmFwcDo0NDM.&hl=de&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=3syjr01fzeky
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 15:02:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 07 Apr 2022 15:02:19 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 2B18 32 KB
18 KB 65ms
63ms XHR
application/json 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LeetMEUAAAAAPg52qbZeAT1O_Q5H9TcYBv8u8Xz

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

69afb475cded6c133f0a4cf680220451a7d33bff7c177a7520c27316d74997d7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeetMEUAAAAAPg52qbZeAT1O_Q5H9TcYBv8u8Xz&co=aHR0cHM6Ly9jaXRpYmFuay5wYXltZW50LWFsZXJ0LmFwcDo0NDM.&hl=de&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=3syjr01fzeky
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 07 Apr 2022 15:02:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18414
x-xss-protection: 1; mode=block
expires: Thu, 07 Apr 2022 15:02:19 GMT

POST
H2 404 verify
citibank.payment-alert.app/js/captcha/ 9 B
230 B 124ms
123ms XHR
text/html 35.226.132.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://citibank.payment-alert.app/js/captcha/verify
Requested by: Host: unpkg.com
URL: https://unpkg.com/axios/dist/axios.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.226.132.161 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 161.132.226.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 07 Apr 2022 15:02:19 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 9
x-request-id: e9007128352d4b29c2df77e8e8e27000

GET
H2 200 Primary Request / Show response
www1.citibank.com.au/ 365 KB
51 KB 712ms
42ms Document
text/html 96.16.137.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www1.citibank.com.au/

Requested by

Host: citibank.payment-alert.app
URL: https://citibank.payment-alert.app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.98 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-98.deploy.static.akamaitechnologies.com

Software

Resource Hash

0ad4cfe33135debcfe532bbc96cb393550991045acb80918e75591592a204721

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=1800
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 07 Apr 2022 15:02:20 GMT
etag: "19534-hOO0c7xATccyULjM/+aWp3+jPG0"
expect-ct: max-age=0
expires: Thu, 07 Apr 2022 15:32:20 GMT
referrer-policy: no-referrer
server-timing: cdn-cache; desc=HIT edge; dur=1
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,2
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-ratelimit-limit: 10000
x-ratelimit-remaining: 9995
x-ratelimit-reset: 1649296652
x-xss-protection: 0

GET
H2 200 launch-b730963fa5a7.min.js Show response
assets.adobedtm.com/d79407f32b17/4f0aa3e24b71/ 556 KB
141 KB 77ms
21ms Script
application/x-javascript 2a02:26f0:3500:798::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/d79407f32b17/4f0aa3e24b71/launch-b730963fa5a7.min.js
Requested by: Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:798::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0b303486d384390631c498d4dafe92cf21e714d1d9ead843c12644fe8b5441c0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 15:02:20 GMT
content-encoding: gzip
last-modified: Wed, 30 Mar 2022 08:25:09 GMT
server: AkamaiNetStorage
etag: "ab205ea4a458066a97ffa1d32295c1a2:1648628709.684749"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 144085
expires: Thu, 07 Apr 2022 16:02:20 GMT

GET
H2 200 styles.6784a08bed98961a7205.css
marketingportal.citibank.com/msa/ 1 KB
769 B 553ms
427ms Stylesheet
text/css 96.16.137.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://marketingportal.citibank.com/msa/styles.6784a08bed98961a7205.css

Requested by

Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.98 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-98.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

e6180723277760a2b710d8ce78ee4f93b78aec6a9378983bede2627eaced0a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
x-ratelimit-reset: 1647699342
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 254
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sat, 19 Mar 2022 14:11:42 GMT
server: Akamai Resource Optimizer
x-frame-options: SAMEORIGIN
date: Thu, 07 Apr 2022 15:02:21 GMT
expect-ct: max-age=0
x-ratelimit-remaining: 9999
x-download-options: noopen
content-type: text/css; charset=UTF-8
cache-control: public, max-age=1800
etag: W/"45e-17f8f0fa6d0"
x-ratelimit-limit: 10000
accept-ranges: bytes
expires: Thu, 07 Apr 2022 15:32:21 GMT

GET
H2 200 uiux.theme-base-au.css
marketingportal.citibank.com/msa/assets/styles/ 75 KB
9 KB 548ms
423ms Stylesheet
text/css 96.16.137.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://marketingportal.citibank.com/msa/assets/styles/uiux.theme-base-au.css

Requested by

Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.98 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-98.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

937484cf9da529f89806800c7f473bf3c5928607662fa046a5ce4cf85b3abd0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
x-ratelimit-reset: 1647697550
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 8296
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sat, 19 Mar 2022 13:36:24 GMT
server: Akamai Resource Optimizer
x-frame-options: SAMEORIGIN
date: Thu, 07 Apr 2022 15:02:21 GMT
expect-ct: max-age=0
x-ratelimit-remaining: 9999
x-download-options: noopen
content-type: text/css; charset=UTF-8
cache-control: public, max-age=1800
etag: W/"12dc0-17f8f0f9f00"
x-ratelimit-limit: 10000
accept-ranges: bytes
expires: Thu, 07 Apr 2022 15:32:21 GMT

GET
H2 200 uiux.theme-citi-blue-light.css
marketingportal.citibank.com/msa/assets/styles/ 75 KB
8 KB 547ms
421ms Stylesheet
text/css 96.16.137.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://marketingportal.citibank.com/msa/assets/styles/uiux.theme-citi-blue-light.css

Requested by

Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.98 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-98.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

0518c50b8f0ca1f7ba01c80cb0eec09b78a42491b89a263c5b9c58bb1bc78013

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
x-ratelimit-reset: 1647705058
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 7527
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sat, 19 Mar 2022 15:38:26 GMT
server: Akamai Resource Optimizer
x-frame-options: SAMEORIGIN
date: Thu, 07 Apr 2022 15:02:21 GMT
expect-ct: max-age=0
x-ratelimit-remaining: 9999
x-download-options: noopen
content-type: text/css; charset=UTF-8
cache-control: public, max-age=1800
etag: W/"12c28-17f8f0f9f00"
x-ratelimit-limit: 10000
accept-ranges: bytes
expires: Thu, 07 Apr 2022 15:32:21 GMT

GET
H2 200 xfs.js Show response
marketingportal.citibank.com/msa/assets/augcb/vendor/js/ 267 B
651 B 30ms
26ms Script
application/javascript 96.16.137.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://marketingportal.citibank.com/msa/assets/augcb/vendor/js/xfs.js

Requested by

Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.98 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-98.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

dfd7813d457c7e9dbec1aa447d797b177797a740b2d1869ed6e4d63b2da10d13

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
x-ratelimit-reset: 1647696650
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 127
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sat, 19 Mar 2022 13:22:12 GMT
server: Akamai Resource Optimizer
x-frame-options: SAMEORIGIN
date: Thu, 07 Apr 2022 15:02:21 GMT
expect-ct: max-age=0
x-ratelimit-remaining: 9999
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=1800
etag: W/"10b-17f8f0f7fc0"
x-ratelimit-limit: 10000
accept-ranges: bytes
expires: Thu, 07 Apr 2022 15:32:21 GMT

GET
H2 200 xss.js Show response
marketingportal.citibank.com/msa/assets/augcb/vendor/js/ 380 B
711 B 39ms
35ms Script
application/javascript 96.16.137.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://marketingportal.citibank.com/msa/assets/augcb/vendor/js/xss.js

Requested by

Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.98 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-98.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

f996cda08b2649a38263ccf0d1ba02a5e6443c14976d17e92cd2d170c3024b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
x-ratelimit-reset: 1647696650
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 186
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sat, 19 Mar 2022 13:20:08 GMT
server: Akamai Resource Optimizer
x-frame-options: SAMEORIGIN
date: Thu, 07 Apr 2022 15:02:21 GMT
expect-ct: max-age=0
x-ratelimit-remaining: 9999
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=1800
etag: W/"17c-17f8f0f7fc0"
x-ratelimit-limit: 10000
accept-ranges: bytes
expires: Thu, 07 Apr 2022 15:32:21 GMT

GET
H2 200 logo.png
www.cdn.citibank.com/v1/augcb/cbol/files/images/logos/ 1 KB
1 KB 481ms
168ms Image
image/png 2a02:26f0:6c00:282::2928
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cdn.citibank.com/v1/augcb/cbol/files/images/logos/logo.png
Requested by: Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:282::2928 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 7cb24e06c00e47bb6bc6c38b935d6bc62817f656703387e4fb7591add96c7454

Request headers

Referer
Origin: https://www1.citibank.com.au
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 15:02:21 GMT
last-modified: Sun, 27 Mar 2022 23:32:27 GMT
vary: Origin
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: https://www1.citibank.com.au
cache-control: max-age=300
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,X-Requested-With
content-length: 1040
expires: Thu, 07 Apr 2022 15:07:21 GMT

GET
H2 200 CPLP-tv-banner-1920x520.jpg
www.cdn.citibank.com/v1/augcb/cbol/files/images/2022/ 147 KB
148 KB 515ms
201ms Image
image/jpeg 2a02:26f0:6c00:282::2928
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cdn.citibank.com/v1/augcb/cbol/files/images/2022/CPLP-tv-banner-1920x520.jpg
Requested by: Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:282::2928 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 37b6268dbc79babdb97441fa82af249cfe74654ab695fc39ee36636dd91c9808

Request headers

Referer
Origin: https://www1.citibank.com.au
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 15:02:21 GMT
last-modified: Tue, 05 Apr 2022 06:07:25 GMT
vary: Origin
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: https://www1.citibank.com.au
cache-control: max-age=300
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,X-Requested-With
content-length: 151038
expires: Thu, 07 Apr 2022 15:07:21 GMT

GET
H2 200 Citi-Logo-White-1.png
www.cdn.citibank.com/v1/augcb/cbol/files/images/2019/ 2 KB
3 KB 606ms
293ms Image
image/png 2a02:26f0:6c00:282::2928
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cdn.citibank.com/v1/augcb/cbol/files/images/2019/Citi-Logo-White-1.png
Requested by: Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:282::2928 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fc203774b220144d4830160109665edef863f2340b64e13ab7c63466cc69919c

Request headers

Referer
Origin: https://www1.citibank.com.au
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 15:02:21 GMT
last-modified: Tue, 05 Apr 2022 06:06:52 GMT
vary: Origin
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: https://www1.citibank.com.au
cache-control: max-age=300
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,X-Requested-With
content-length: 2270
expires: Thu, 07 Apr 2022 15:07:21 GMT

GET
H2 200 member-fdic.jpg
www.cdn.citibank.com/v1/augcb/cbol/files/images/2019/ 928 B
1 KB 481ms
168ms Image
image/jpeg 2a02:26f0:6c00:282::2928
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cdn.citibank.com/v1/augcb/cbol/files/images/2019/member-fdic.jpg
Requested by: Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:282::2928 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: d5490304a61adc923ff3abb23970efce7a4bb87e06cc7e28effe0434dfbfa542

Request headers

Referer
Origin: https://www1.citibank.com.au
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 15:02:21 GMT
last-modified: Sun, 23 Feb 2020 18:42:09 GMT
vary: Origin
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: https://www1.citibank.com.au
cache-control: max-age=300
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,X-Requested-With
content-length: 928
expires: Thu, 07 Apr 2022 15:07:21 GMT

GET
H2 200 secure-secure.jpg
www.cdn.citibank.com/v1/augcb/cbol/files/images/2019/ 1 KB
1 KB 459ms
169ms Image
image/jpeg 2a02:26f0:6c00:282::2928
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cdn.citibank.com/v1/augcb/cbol/files/images/2019/secure-secure.jpg
Requested by: Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:282::2928 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 8ea6d7938186adf5242501f1c4b21c4ee41b8dc592867e115ce64ae23cf09697

Request headers

Referer
Origin: https://www1.citibank.com.au
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 15:02:21 GMT
last-modified: Sun, 23 Feb 2020 18:41:54 GMT
vary: Origin
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: https://www1.citibank.com.au
cache-control: max-age=300
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,X-Requested-With
content-length: 1198
expires: Thu, 07 Apr 2022 15:07:21 GMT

GET
H2 200 nortan-verisign-secure.jpg
www.cdn.citibank.com/v1/augcb/cbol/files/images/2019/ 4 KB
4 KB 445ms
170ms Image
image/jpeg 2a02:26f0:6c00:282::2928
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cdn.citibank.com/v1/augcb/cbol/files/images/2019/nortan-verisign-secure.jpg
Requested by: Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:282::2928 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e2f3938af908b4f13928ba044d70c9e0a5162c8e3e3987a84b2363da84bd52ab

Request headers

Referer
Origin: https://www1.citibank.com.au
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 15:02:21 GMT
last-modified: Sun, 23 Feb 2020 18:41:46 GMT
vary: Origin
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: https://www1.citibank.com.au
cache-control: max-age=300
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,X-Requested-With
content-length: 3758
expires: Thu, 07 Apr 2022 15:07:21 GMT

GET
H2 200 runtime-es2015.b38c3770714e899dbcdd.js Show response
marketingportal.citibank.com/msa/ 7 KB
3 KB 1162ms
363ms Script
application/javascript 2a02:26f0:1700:595::44b5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://marketingportal.citibank.com/msa/runtime-es2015.b38c3770714e899dbcdd.js

Requested by

Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:595::44b5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

5d724718dbee04b9180ecc4e106b227596de0afc5eddb68067b862ffc8b5a984

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
Origin: https://www1.citibank.com.au
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
x-ratelimit-reset: 1647697851
server-timing: cdn-cache; desc=HIT, edge; dur=16
vary: Origin
content-length: 2326
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sat, 19 Mar 2022 13:43:16 GMT
server: Akamai Resource Optimizer
x-frame-options: SAMEORIGIN
date: Thu, 07 Apr 2022 15:02:22 GMT
expect-ct: max-age=0
x-ratelimit-remaining: 9999
x-download-options: noopen
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www1.citibank.com.au
cache-control: public, max-age=1800
etag: W/"1a2e-rFxG/YLyGV1sfxY2uIFcib7DQDM"
x-ratelimit-limit: 10000
expires: Thu, 07 Apr 2022 15:32:22 GMT

GET
H2 200 polyfills-ie-es5.d6b3288d6acaf6434158.js Show response
marketingportal.citibank.com/msa/ 85 KB
26 KB 28ms
26ms Script
application/javascript 96.16.137.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://marketingportal.citibank.com/msa/polyfills-ie-es5.d6b3288d6acaf6434158.js

Requested by

Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.98 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-98.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

bac148906449bb5ee593a1584dfa2293acc5c51c88814633062f5b669697cacc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
x-ratelimit-reset: 1647697550
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 26480
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sat, 19 Mar 2022 13:45:20 GMT
server: Akamai Resource Optimizer
x-frame-options: SAMEORIGIN
date: Thu, 07 Apr 2022 15:02:21 GMT
expect-ct: max-age=0
x-ratelimit-remaining: 9999
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=1800
etag: W/"15483-17f8f0fa6d0"
x-ratelimit-limit: 10000
accept-ranges: bytes
expires: Thu, 07 Apr 2022 15:32:21 GMT

GET
H2 200 polyfills-es2015.48c5d1c1218970ed01a7.js Show response
marketingportal.citibank.com/msa/ 36 KB
12 KB 1158ms
363ms Script
application/javascript 2a02:26f0:1700:595::44b5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://marketingportal.citibank.com/msa/polyfills-es2015.48c5d1c1218970ed01a7.js

Requested by

Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:595::44b5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

0a375e8d1b186dc6d87de0a6a30382423b7c357b1f0d4d0692ce90d8323b93dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
Origin: https://www1.citibank.com.au
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
x-ratelimit-reset: 1647699651
server-timing: cdn-cache; desc=HIT, edge; dur=15
vary: Origin
content-length: 11253
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sat, 19 Mar 2022 14:13:57 GMT
server: Akamai Resource Optimizer
x-frame-options: SAMEORIGIN
date: Thu, 07 Apr 2022 15:02:22 GMT
expect-ct: max-age=0
x-ratelimit-remaining: 9999
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://www1.citibank.com.au
cache-control: public, max-age=1800
etag: W/"9103-17f8f0fa6d0"
x-ratelimit-limit: 10000
accept-ranges: bytes
expires: Thu, 07 Apr 2022 15:32:22 GMT

GET
H2 200 scripts.68a796b7a506d47e6d69.js Show response
marketingportal.citibank.com/msa/ 88 KB
28 KB 28ms
27ms Script
application/javascript 96.16.137.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://marketingportal.citibank.com/msa/scripts.68a796b7a506d47e6d69.js

Requested by

Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.98 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-98.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

e235fb2fc6e984641014bca28416e61d8d256830d531c4e0217590a80c4cd510

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
x-ratelimit-reset: 1647695742
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 28099
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sat, 19 Mar 2022 13:11:58 GMT
server: Akamai Resource Optimizer
x-frame-options: SAMEORIGIN
date: Thu, 07 Apr 2022 15:02:21 GMT
expect-ct: max-age=0
x-ratelimit-remaining: 9999
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=1800
etag: W/"15e70-17f8f0fa6d0"
x-ratelimit-limit: 10000
accept-ranges: bytes
expires: Thu, 07 Apr 2022 15:32:21 GMT

GET
H2 200 main-es2015.1ee96c6a70b93fa742ba.js Show response
marketingportal.citibank.com/msa/ 2 MB
333 KB 1092ms
307ms Script
application/javascript 2a02:26f0:1700:595::44b5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://marketingportal.citibank.com/msa/main-es2015.1ee96c6a70b93fa742ba.js

Requested by

Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:595::44b5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

6e97f89e0d33c7c7e52cead447b12b0fe0b9f441ebcd6c7cc1a0897da84b9522

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
Origin: https://www1.citibank.com.au
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
x-ratelimit-reset: 1647698442
server-timing: cdn-cache; desc=HIT, edge; dur=39
vary: Origin
content-length: 340136
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sat, 19 Mar 2022 13:56:27 GMT
server: Akamai Resource Optimizer
x-frame-options: SAMEORIGIN
date: Thu, 07 Apr 2022 15:02:22 GMT
expect-ct: max-age=0
x-ratelimit-remaining: 9999
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://www1.citibank.com.au
cache-control: public, max-age=1800
etag: W/"1fcf48-17f8f0fa6d0"
x-ratelimit-limit: 10000
accept-ranges: bytes
expires: Thu, 07 Apr 2022 15:32:22 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9D2361D45DFA6F800A495FEF%40AdobeOrg&d_nsid=0&ts=1649343740712
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9D2361D45DFA6F800A495FEF%40AdobeOrg&d_nsid=0&ts=1649343740712

3 KB
2 KB

45ms
45ms

XHR
application/json

34.246.220.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9D2361D45DFA6F800A495FEF%40AdobeOrg&d_nsid=0&ts=1649343740712

Requested by

Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/

Protocol

HTTP/1.1

Server

34.246.220.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-246-220-204.eu-west-1.compute.amazonaws.com

Software

Resource Hash

df2c6b3323df9e9451d9c892b9d44aa30903fd94e2a92951a11162e709bc7f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v030-00923ae7d.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: F7WacuU8S+s=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www1.citibank.com.au
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1031
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v030-04298c2a3.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://www1.citibank.com.au
X-TID: o93vfyiSRUg=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9D2361D45DFA6F800A495FEF%40AdobeOrg&d_nsid=0&ts=1649343740712
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/ 33 KB
12 KB 21ms
18ms Script
application/x-javascript 2a02:26f0:3500:798::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d79407f32b17/4f0aa3e24b71/launch-b730963fa5a7.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:798::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 055e467aa53a9c0272d805bbc009ade8c74df5a8c1255271d753ac78fe179873

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 15:02:21 GMT
content-encoding: gzip
last-modified: Wed, 19 Jan 2022 22:18:26 GMT
server: AkamaiNetStorage
etag: "85722a02b6a7feb74d08ac7875516bee:1642630706.903013"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12243
expires: Thu, 07 Apr 2022 16:02:21 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/ 3 KB
2 KB 21ms
19ms Script
application/x-javascript 2a02:26f0:3500:798::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d79407f32b17/4f0aa3e24b71/launch-b730963fa5a7.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:798::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d4e77c7411d1de6efebf4278b9c98aa77dc2e5186cee271ac256138f17bef9f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 15:02:21 GMT
content-encoding: gzip
last-modified: Wed, 19 Jan 2022 22:18:27 GMT
server: AkamaiNetStorage
etag: "9355415074dbdbd216a19b61ce931ab2:1642630707.219535"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1599
expires: Thu, 07 Apr 2022 16:02:21 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/ 25 KB
9 KB 21ms
19ms Script
application/x-javascript 2a02:26f0:3500:798::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d79407f32b17/4f0aa3e24b71/launch-b730963fa5a7.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:798::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: ab5351bd9526d7495a4f0a304c190bb8616b99c1c58e1899638b9ea4a60a88c8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 15:02:21 GMT
content-encoding: gzip
last-modified: Wed, 19 Jan 2022 22:18:27 GMT
server: AkamaiNetStorage
etag: "72152d82739a20813d7490454a0d252e:1642630707.464895"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8755
expires: Thu, 07 Apr 2022 16:02:21 GMT

GET
H2 200 id Show response
smetrics.citibank.com.au/ 48 B
515 B 876ms
26ms XHR
application/x-javascript 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.citibank.com.au/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=9D2361D45DFA6F800A495FEF%40AdobeOrg&mid=23306938742529416040679340218749348185&ts=1649343741011

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d79407f32b17/4f0aa3e24b71/launch-b730963fa5a7.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

5f6afc1e56d162d01256dc07f2c617c13063323d2cd10d54e565d20943dc2f62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 07 Apr 2022 15:02:21 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-7b6f4bb9f7-txtkn
vary: Origin
x-c: main-1637.I660130.M0-562
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www1.citibank.com.au
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Yk78-QAAAEOQbAP0
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=29713855859050583090002729657902310008
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yk78-QAAAEOQbAP0

42 B
943 B

41ms
41ms

Image
image/gif

34.246.220.204
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yk78-QAAAEOQbAP0

Requested by

Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/

Protocol

HTTP/1.1

Server

34.246.220.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-246-220-204.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v030-01115f9c3.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: nXcAC0hXSIE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yk78-QAAAEOQbAP0
Date: Thu, 07 Apr 2022 15:02:21 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 delivery Show response
citiau.tt.omtrdc.net/rest/v1/ 349 B
592 B 181ms
65ms XHR
application/json 54.195.123.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://citiau.tt.omtrdc.net/rest/v1/delivery?client=citiau&sessionId=5a1c4885c8e5445aa869259002f4d006&version=2.3.2
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d79407f32b17/4f0aa3e24b71/launch-b730963fa5a7.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.123.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-195-123-189.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: f5de10f24f1567df11b784ca5380c0805372a1f0d7276319a2c9685e1483de9a

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 07 Apr 2022 15:02:21 GMT
content-encoding: gzip
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www1.citibank.com.au
access-control-allow-credentials: true
timing-allow-origin: *
x-request-id: 3b55e23275a8c9229aeea9a59265230d

GET
H2 200 DPTWG-C2EEJ-DVQHC-M58LJ-HNNNX Show response
s.go-mpulse.net/boomerang/ Frame 81F1 205 KB
49 KB 184ms
56ms Script
application/javascript 2a02:26f0:6c00:2b9::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/DPTWG-C2EEJ-DVQHC-M58LJ-HNNNX
Requested by: Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2b9::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 15:02:21 GMT
content-encoding: br
last-modified: Tue, 18 Jan 2022 11:03:53 GMT
x-n: S
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

GET
H2 200 Interstate-Light.0920ea062ddcb201ba21.woff2
marketingportal.citibank.com/msa/ 53 KB
54 KB 1141ms
361ms Font
font/woff2 2a02:26f0:1700:595::44b5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://marketingportal.citibank.com/msa/Interstate-Light.0920ea062ddcb201ba21.woff2

Requested by

Host: marketingportal.citibank.com
URL: https://marketingportal.citibank.com/msa/styles.6784a08bed98961a7205.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:595::44b5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

36f5959d29a589389a72cfbb32121fb47fcc3f0b703aef7d0e0bb6392233e136

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
Origin: https://www1.citibank.com.au
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
x-ratelimit-reset: 1647707442
server-timing: cdn-cache; desc=HIT, edge; dur=25
vary: Origin
content-length: 54204
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 15 Mar 2022 19:30:32 GMT
x-frame-options: SAMEORIGIN
date: Thu, 07 Apr 2022 15:02:22 GMT
expect-ct: max-age=0
x-ratelimit-remaining: 9999
x-download-options: noopen
content-type: font/woff2
access-control-allow-origin: https://www1.citibank.com.au
cache-control: public, max-age=1800
etag: W/"d3bc-17f8f0f7fc0"
x-ratelimit-limit: 10000
accept-ranges: bytes
expires: Thu, 07 Apr 2022 15:32:22 GMT

GET
H2 200 Interstate-Bold.4e77d421580b9c21f6f3.woff2
marketingportal.citibank.com/msa/ 50 KB
51 KB 1133ms
361ms Font
font/woff2 2a02:26f0:1700:595::44b5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://marketingportal.citibank.com/msa/Interstate-Bold.4e77d421580b9c21f6f3.woff2

Requested by

Host: marketingportal.citibank.com
URL: https://marketingportal.citibank.com/msa/styles.6784a08bed98961a7205.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:595::44b5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fc23ba8d5567a8bd8b0185acf1bb1aabcc5cec8c8c1ed490945b57834599ea4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
Origin: https://www1.citibank.com.au
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
x-ratelimit-reset: 1647707751
server-timing: cdn-cache; desc=HIT, edge; dur=19
vary: Origin
content-length: 51568
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 15 Mar 2022 19:30:30 GMT
x-frame-options: SAMEORIGIN
date: Thu, 07 Apr 2022 15:02:22 GMT
expect-ct: max-age=0
x-ratelimit-remaining: 9999
x-download-options: noopen
content-type: font/woff2
access-control-allow-origin: https://www1.citibank.com.au
cache-control: public, max-age=1800
etag: W/"c970-17f8f0f77f0"
x-ratelimit-limit: 10000
accept-ranges: bytes
expires: Thu, 07 Apr 2022 15:32:22 GMT

GET
H/1.1 200
OK dest5.html Show response
citiau.demdex.net/ Frame 0DAE 7 KB
3 KB 184ms
53ms Document
text/html 52.213.251.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://citiau.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d79407f32b17/4f0aa3e24b71/launch-b730963fa5a7.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.251.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-251-128.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v030-004bed570.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 2AElWvlhQ+M=
content-encoding: gzip
date: Thu, 7 Apr 2022 15:02:21 GMT
last-modified: Tue, 15 Mar 2022 12:08:41 GMT
vary: accept-encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 103 KB
41 KB 91ms
36ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-784250228

Requested by

Host: citibank.payment-alert.app
URL: https://citibank.payment-alert.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0bce78c604898c558cdcf3c45023436cb2cf52b5f1b42238cf6541625c21f527

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 15:02:21 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41563
x-xss-protection: 0
expires: Thu, 07 Apr 2022 15:02:21 GMT

GET
H/1.1 200
OK 7169 Show response
pixel.everesttech.net/rlsa/ 0
152 B 180ms
42ms Script
text/javascript 52.215.248.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.everesttech.net/rlsa/7169
Requested by: Host: citibank.payment-alert.app
URL: https://citibank.payment-alert.app/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.248.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-248-120.eu-west-1.compute.amazonaws.com
Software: AMO-RLSA/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 07 Apr 2022 15:02:21 GMT
Server: AMO-RLSA/1.1
Connection: keep-alive
Content-Length: 0
Content-Type: text/javascript

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 58ms
19ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: citibank.payment-alert.app
URL: https://citibank.payment-alert.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: kD/Oef7NGtVR86xpeej40enPqMduLHnjAnBQTVPBHVJpIqQjqZvDowIKCWE8YjMAHNOuSvJRoEbYorPDcY6OvA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 07 Apr 2022 15:02:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK / Show response
servedby.flashtalking.com/container/17079;119300;12701;iframe/ Frame F588 5 KB
5 KB 194ms
99ms Document
text/html 209.197.3.19
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://servedby.flashtalking.com/container/17079;119300;12701;iframe/?U1=&U2=&U3=23306938742529416040679340218749348185&U4=anon&U5=&ft_referrer=https://www1.citibank.com.au/&cb=649557.4906803217
Requested by: Host: citibank.payment-alert.app
URL: https://citibank.payment-alert.app/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.197.3.19 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: vip0x013.map2.ssl.hwcdn.net
Software: prod-xre-app4.frk11 /
Resource Hash: 937f28029004f6fd665ec1e558a5d283ecc60ce9000d134965e2e327b282e879

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store
Connection: close
Content-Type: text/html
Date: Thu, 07 Apr 2022 15:02:21 GMT
Pragma: no-cache
Server: prod-xre-app4.frk11
X-HW: 1649343741.dop223.fr8.t,1649343741.cds222.fr8.shn,1649343741.dop223.fr8.t,1649343741.cds144.fr8.sc,1649343741.cds144.fr8.p

GET
H/1.1 200
OK last-event-tag-latest.min.js Show response
www.everestjs.net/static/le/ 7 KB
3 KB 74ms
16ms Script
application/javascript 96.16.147.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.everestjs.net/static/le/last-event-tag-latest.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d79407f32b17/4f0aa3e24b71/launch-b730963fa5a7.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.147.243 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-147-243.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: abb45ae4b3a896ae99132c1786a9676218c119ea552d3fbb5ab6d40d9e05e43c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
Last-Modified: Wed, 16 Jun 2021 15:18:41 GMT
Server: AmazonS3
x-amz-request-id: R6X1Z4GZMHQJ34R0
ETag: "d5991c18a0042eb33f92c6b5b44ffe8d"
Vary: Accept-Encoding
Content-Type: application/javascript
Date: Thu, 07 Apr 2022 15:02:21 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2663
x-amz-id-2: jm8UZxXlNwBRe5MV76nXmfeJxyOsHxAxlRqx4Yx6Lk22skfaD1o6r2gLlsQkG8CibRTuc9Pz10M=

GET
H3 200 204597980046534 Show response
connect.facebook.net/signals/config/ 41 KB
11 KB 116ms
86ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/204597980046534?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e8bba8f0f8f5c5fee907cbb9af6838d8bc2616ca10e7e723a5503cee109a5d4f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: tfhr5pu4hvxz4hsA/lYlmk3MhvqpLcZsgPwjjDCbkM52VnETtuBPaW2ATi+yWnEyGiOZdamRvz+6LnUceyQtng==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 07 Apr 2022 15:02:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 89ms
40ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-784250228

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

7ce02e0f563c14e7fd2d3249c13317e74fef66108f27096bf04a04552aa0c99c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 15:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14886
x-xss-protection: 0
server: cafe
etag: 11980861724045072707
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Apr 2022 15:02:21 GMT

GET
H/1.1 200 d9core Show response
d9.flashtalking.com/ Frame F588 11 KB
4 KB 1334ms
1161ms Script
application/javascript 54.171.119.76

General

Check archive.org

Show headers Download Go to

Full URL: https://d9.flashtalking.com/d9core
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/17079;119300;12701;iframe/?U1=&U2=&U3=23306938742529416040679340218749348185&U4=anon&U5=&ft_referrer=https://www1.citibank.com.au/&cb=649557.4906803217
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.119.76 -, , ASN (),
Reverse DNS
Software: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash: 67c1197923b6c103ac40f4fa5b9f44df27f194e81870d69f497083753d594925

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://servedby.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 07 Apr 2022 15:02:21 GMT
Content-Encoding: gzip
Server: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips
ETag: 5bc31bf7d4a298e1bef9d35fce222bfc
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,SERVER
P3P: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin: d9.flashtalking.com
Cache-Control: private, must-revalidate, proxy-revalidate, max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8
Content-Length: 3602

GET
H/1.1 200
OK /
servedby.flashtalking.com/spot/7/17079;119300;12701/ Frame F588 42 B
354 B 59ms
23ms Image
image/gif 209.197.3.19
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedby.flashtalking.com/spot/7/17079;119300;12701/?U1=&U2=&U3=23306938742529416040679340218749348185&U4=anon&U5=&ft_referrer=https://www1.citibank.com.au/&cb=649557.4906803217&ft_trackID=16493437-4133-2511-9435-B2875AA5A511
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/17079;119300;12701;iframe/?U1=&U2=&U3=23306938742529416040679340218749348185&U4=anon&U5=&ft_referrer=https://www1.citibank.com.au/&cb=649557.4906803217
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.197.3.19 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: vip0x013.map2.ssl.hwcdn.net
Software: prod-xre-app2.frk11 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://servedby.flashtalking.com/container/17079;119300;12701;iframe/?U1=&U2=&U3=23306938742529416040679340218749348185&U4=anon&U5=&ft_referrer=https://www1.citibank.com.au/&cb=649557.4906803217
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 Apr 2022 15:02:21 GMT
Server: prod-xre-app2.frk11
X-HW: 1649343741.dop208.fr8.shc,1649343741.dop208.fr8.t,1649343741.cds159.fr8.sc,1649343741.cds159.fr8.p
Content-Type: image/gif
Cache-Control: no-cache,no-store
Connection: Keep-Alive
Content-Length: 42

GET
H2 200 / Show response
lasteventf-tm.everesttech.net/ 0
211 B 95ms
17ms XHR
text/plain 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://lasteventf-tm.everesttech.net/?_les_imsOrgId=9D2361D45DFA6F800A495FEF@AdobeOrg&_les_sdid=5166967B7ED5E35B-48E468F6FB354834&_les_last_search_click=&_les_rsid=citiau-au-prod&_les_mid=23306938742529416040679340218749348185&_les_url=https%3A%2F%2Fwww1.citibank.com.au%2F
Requested by: Host: www.everestjs.net
URL: https://www.everestjs.net/static/le/last-event-tag-latest.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 15:02:21 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1649343741.465608,VS0,VE0
x-cache: MISS
content-type: text/plain
access-control-allow-origin: https://www1.citibank.com.au
access-control-allow-credentials: true
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-hhn4083-HHN

GET
H/1.1

200
OK

ibs:dpid=1957&dpuuid=39660AA886AE68481E5F1BD787C569DA
dpm.demdex.net/ Frame 0DAE
Redirect Chain

https://c.bing.com/c.gif?uid=29713855859050583090002729657902310008&Red3=MSAdobe_pd&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=39660AA886AE68481E5F1BD787C569DA

42 B
943 B

54ms
51ms

Image
image/gif

34.246.220.204
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1957&dpuuid=39660AA886AE68481E5F1BD787C569DA

Requested by

Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/

Protocol

HTTP/1.1

Server

34.246.220.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-246-220-204.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citiau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v030-083d49765.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: CzFjcouATJw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Thu, 07 Apr 2022 15:02:21 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4039050DCF9A44B3A933C089A4963D53 Ref B: FRAEDGE1409 Ref C: 2022-04-07T15:02:21Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://dpm.demdex.net/ibs:dpid=1957&dpuuid=39660AA886AE68481E5F1BD787C569DA
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame 81F1 6 KB
2 KB 90ms
39ms XHR
application/json 2a02:26f0:fb:188::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=DPTWG-C2EEJ-DVQHC-M58LJ-HNNNX&d=www1.citibank.com.au&t=5497812&v=1.720.0&if=&sl=0&si=38474403-2583-4f96-bc2a-a39ce054d972-r9z5rw&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=405779
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/DPTWG-C2EEJ-DVQHC-M58LJ-HNNNX
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:fb:188::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b56f9c74fd00dd556e47b8896b128bbed015531d832f1132c2a074b1449ab4cc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 07 Apr 2022 15:02:21 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 1272

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 54ms
19ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=204597980046534&ev=PageView&dl=https%3A%2F%2Fwww1.citibank.com.au%2F&rl=&if=false&ts=1649343741422&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=28&fbp=fb.2.1649343741419.1029939884&it=1649343741291&coo=false&tm=1&rqm=GET

Requested by

Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 15:02:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 07 Apr 2022 15:02:21 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/784250228/ 2 KB
2 KB 86ms
30ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/784250228/?random=1649343741426&cv=9&fst=1649343741426&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3u0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww1.citibank.com.au%2F&tiba=Citi%20Australia&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e444476f6cbc1940e455e11f69db7e2d41781651e193769f48792fa6e7d1eda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 15:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1028
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=121998&dpuuid=
dpm.demdex.net/ Frame 0DAE
Redirect Chain

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=29713855859050583090002729657902310008?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=29713855859050583090002729657902310008?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=

42 B
961 B

40ms
40ms

Image
image/gif

34.246.220.204
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=

Requested by

Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/

Protocol

HTTP/1.1

Server

34.246.220.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-246-220-204.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citiau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v030-0ca40b480.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 300,104
X-TID: BRCZsxRHTro=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Thu, 07 Apr 2022 15:02:21 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://dpm.demdex.net/ibs:dpid=121998&dpuuid=
expires: 0
cache-control: no-cache
x-server: 10.45.15.1
content-length: 0
x-consent: absent

GET
H3 200 /
www.google.com/pagead/1p-user-list/784250228/ 42 B
64 B 30ms
30ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/784250228/?random=1649343741426&cv=9&fst=1649343600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3u0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww1.citibank.com.au%2F&tiba=Citi%20Australia&async=1&fmt=3&is_vtc=1&random=426959509&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 15:02:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/784250228/ 42 B
548 B 231ms
31ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/784250228/?random=1649343741426&cv=9&fst=1649343600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3u0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww1.citibank.com.au%2F&tiba=Citi%20Australia&async=1&fmt=3&is_vtc=1&random=426959509&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 15:02:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0DAE
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWs3OC1RQUFBRU9RYkFQMA==

170 B
502 B

127ms
26ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWs3OC1RQUFBRU9RYkFQMA==

Requested by

Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citiau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 15:02:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Apr 2022 15:02:21 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1649343742.611279,VS0,VE0
x-served-by: cache-hhn4083-HHN
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWs3OC1RQUFBRU9RYkFQMA==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 0DAE
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Yk78-QAAAEOQbAP0&expires=90

0
239 B

82ms
19ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Yk78-QAAAEOQbAP0&expires=90
Requested by: Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citiau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 07 Apr 2022 15:02:21 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1649343742.707823,VS0,VE0
x-served-by: cache-hhn4083-HHN
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Yk78-QAAAEOQbAP0&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0DAE
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yk78-QAAAEOQbAP0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yk78-QAAAEOQbAP0&C=1

43 B
1003 B

28ms
27ms

Image
image/gif

23.35.228.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yk78-QAAAEOQbAP0&C=1
Requested by: Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol: HTTP/1.1
Server: 23.35.228.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citiau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 Apr 2022 15:02:21 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 07 Apr 2022 15:02:21 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 07 Apr 2022 15:02:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yk78-QAAAEOQbAP0&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 279
Expires: Thu, 07 Apr 2022 15:02:21 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 0DAE
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=Yk78-QAAAEOQbAP0
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYk78-QAAAEOQbAP0

43 B
1 KB

73ms
73ms

Image
image/gif

185.33.220.216
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYk78-QAAAEOQbAP0

Requested by

Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/

Protocol

HTTP/1.1

Server

185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citiau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 Apr 2022 15:02:22 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 1c2f7fb1-8d78-4dc3-806b-c6224925b0d7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 07 Apr 2022 15:02:21 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 09d661eb-aef4-4538-8e4a-2ed2c012e26a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYk78-QAAAEOQbAP0
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 0DAE
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yk78-QAAAEOQbAP0

43 B
274 B

69ms
33ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yk78-QAAAEOQbAP0
Requested by: Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/18.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citiau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 15:02:22 GMT
via: 1.1 google
server: OXGW/18.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Apr 2022 15:02:22 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1649343742.002942,VS0,VE0
x-served-by: cache-hhn4083-HHN
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yk78-QAAAEOQbAP0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 0DAE
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yk78-QAAAEOQbAP0

1 B
545 B

110ms
30ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yk78-QAAAEOQbAP0
Requested by: Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citiau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 15:02:22 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug016:0:617
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 07 Apr 2022 15:02:22 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1649343742.103897,VS0,VE0
x-served-by: cache-hhn4083-HHN
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yk78-QAAAEOQbAP0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 0DAE
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yk78-QAAAEOQbAP0&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yk78-QAAAEOQbAP0&img=1&__user_check__=1&sync_id=ba3b09fd-b683-11ec-8f9a-10a0cca80406

43 B
548 B

35ms
35ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yk78-QAAAEOQbAP0&img=1&__user_check__=1&sync_id=ba3b09fd-b683-11ec-8f9a-10a0cca80406
Requested by: Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citiau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 07 Apr 2022 15:02:22 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 29
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Thu, 07 Apr 2022 15:02:22 GMT
Server: nginx
Location: /partner?adv_id=6409&uid=Yk78-QAAAEOQbAP0&img=1&__user_check__=1&sync_id=ba3b09fd-b683-11ec-8f9a-10a0cca80406
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 139
Connection: keep-alive
Content-Length: 0

GET
H3

200

b.php
www.facebook.com/fr/ Frame 0DAE
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yk78-QAAAEOQbAP0&t=2592000&o=0

43 B
71 B

68ms
45ms

Image
image/gif

2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yk78-QAAAEOQbAP0&t=2592000&o=0

Requested by

Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/

Protocol

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citiau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 08:02:22 PDT
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fb-rlafr: 0
pragma: public
x-fb-debug: iU5OR1i+iQuqBcvmdANbxMGMZbXzXEs1Y1bNKT8UY4ruW2Uqhle27XFexaPgcYmQyW8FGozCTislDLTFPEqUsA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=0
priority: u=3,i
expires: Thu, 07 Apr 2022 08:02:22 PDT

Redirect headers

pragma: no-cache
date: Thu, 07 Apr 2022 15:02:22 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1649343742.317694,VS0,VE0
x-served-by: cache-hhn4083-HHN
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yk78-QAAAEOQbAP0&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 55e066703c69d4d89a1f4d66794d474aa93d710624d8f807096bac17a7867b17

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET
H2 200 citi-gcg-172074-citi-portal-uiux-combos-rich-dialog-es2015.e04f320c342236b2f3a3.js Show response
marketingportal.citibank.com/msa/ 12 KB
3 KB 24ms
24ms Script
application/javascript 96.16.137.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://marketingportal.citibank.com/msa/citi-gcg-172074-citi-portal-uiux-combos-rich-dialog-es2015.e04f320c342236b2f3a3.js

Requested by

Host: marketingportal.citibank.com
URL: https://marketingportal.citibank.com/msa/runtime-es2015.b38c3770714e899dbcdd.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.98 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-98.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

55f527615ac9b972aa403825784ead7942cd799f5f710cc13b7dd7b662ae7b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
x-ratelimit-reset: 1647697858
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 2584
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sat, 19 Mar 2022 13:46:25 GMT
server: Akamai Resource Optimizer
x-frame-options: SAMEORIGIN
date: Thu, 07 Apr 2022 15:02:22 GMT
expect-ct: max-age=0
x-ratelimit-remaining: 9999
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=1800
etag: W/"30f7-17f8f0fa6d0"
x-ratelimit-limit: 10000
accept-ranges: bytes
expires: Thu, 07 Apr 2022 15:32:22 GMT

GET
H2 200 GCA_landingpage_showcase.jpg
www.cdn.citibank.com/v1/augcb/cbol/files/home/ 107 KB
107 KB 110ms
109ms Image
image/jpeg 2a02:26f0:6c00:282::2928
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cdn.citibank.com/v1/augcb/cbol/files/home/GCA_landingpage_showcase.jpg
Requested by: Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:282::2928 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 33589bf39c2afc1e9f8d6f0c50b5e3840bbf5fa54a18f278116dc799fc144cc0

Request headers

Referer
Origin: https://www1.citibank.com.au
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 15:02:23 GMT
last-modified: Tue, 05 Apr 2022 06:06:52 GMT
vary: Origin
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: https://www1.citibank.com.au
cache-control: max-age=300
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,X-Requested-With
content-length: 109408
expires: Thu, 07 Apr 2022 15:07:23 GMT

GET
H2 200 Ready-Credit-showcase-reduced3-920x520.jpg
www.cdn.citibank.com/v1/augcb/cbol/files/images/2022/ 96 KB
97 KB 105ms
105ms Image
image/jpeg 2a02:26f0:6c00:282::2928
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cdn.citibank.com/v1/augcb/cbol/files/images/2022/Ready-Credit-showcase-reduced3-920x520.jpg
Requested by: Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:282::2928 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: d30ce9c5ac166090a7000f37b89cccd2f3e92cef7da1051791c99dabc2f1dcc8

Request headers

Referer
Origin: https://www1.citibank.com.au
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 15:02:23 GMT
last-modified: Tue, 05 Apr 2022 06:06:52 GMT
vary: Origin
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: https://www1.citibank.com.au
cache-control: max-age=300
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,X-Requested-With
content-length: 98641
expires: Thu, 07 Apr 2022 15:07:23 GMT

GET
H2 200 Citi_Premier_Qantas_920x520.jpg
www.cdn.citibank.com/v1/augcb/cbol/files/ 119 KB
119 KB 84ms
84ms Image
image/jpeg 2a02:26f0:6c00:282::2928
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cdn.citibank.com/v1/augcb/cbol/files/Citi_Premier_Qantas_920x520.jpg
Requested by: Host: www1.citibank.com.au
URL: https://www1.citibank.com.au/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:282::2928 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b84f240c59d2dea87e89eec348fc43db20451a808a9333cd80482fc8fc6c8172

Request headers

Referer
Origin: https://www1.citibank.com.au
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 15:02:23 GMT
last-modified: Tue, 05 Apr 2022 06:08:07 GMT
vary: Origin
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: https://www1.citibank.com.au
cache-control: max-age=300
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,X-Requested-With
content-length: 121561
expires: Thu, 07 Apr 2022 15:07:23 GMT

POST lgc
d9.flashtalking.com/ Frame F588 0
0

GET
H2 200 s72686151941830 Show response
smetrics.citibank.com.au/b/ss/citiau-au-prod/10/JS-2.22.4-LBWB/ 3 KB
3 KB 52ms
52ms Script
application/x-javascript 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.citibank.com.au/b/ss/citiau-au-prod/10/JS-2.22.4-LBWB/s72686151941830?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=7%2F3%2F2022%2015%3A2%3A23%204%200&d.&nsid=0&jsonv=1&.d&sdid=5166967B7ED5E35B-48E468F6FB354834&mid=23306938742529416040679340218749348185&aamlh=6&ce=UTF-8&ns=citiau&cdp=3&fpCookieDomainPeriods=3&pageName=AU%3APublic%3AHome&g=https%3A%2F%2Fwww1.citibank.com.au%2F&cc=AUD&ch=Public&server=www1.citibank.com.au&events=event2%3Dundefined&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=Web&v1=Web&c2=Australia&v2=Australia&v3=prod&c4=Friday%20%2C%201%3A02%20AM&v4=Friday%20%2C%201%3A02%20AM&c5=New&v5=New&c6=23306938742529416040679340218749348185&v6=23306938742529416040679340218749348185&c7=anon&v7=1&c8=SiteCatalyst%20Base%20Code%20JS%202.22.0&v8=SiteCatalyst%20Base%20Code%20JS%202.22.0&c15=AU%3APublic&v15=AU%3APublic&c16=AU%3APublic%3AHome&v16=AU%3APublic%3AHome&c19=pre-login%20content%20page&v19=pre-login%20content%20page&c20=AU%3APublic%3AHome&v20=AU%3APublic%3AHome&c21=https%3A%2F%2Fwww1.citibank.com.au%2F&v21=https%3A%2F%2Fwww1.citibank.com.au%2F&c22=https%3A%2F%2Fwww1.citibank.com.au%2F&v22=https%3A%2F%2Fwww1.citibank.com.au%2F&c24=en&v24=en&v119=Prospect&v130=anon&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=9D2361D45DFA6F800A495FEF%40AdobeOrg&AQE=1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

d6f127a6b42cfffdb932b2a79b50f7684b1eea24052666d97e2ab3845060acb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-aam-tid: NpcYJCubRbU=
date: Thu, 07 Apr 2022 15:02:23 GMT
x-content-type-options: nosniff
x-c: main-1637.I660130.M0-562
p3p: CP="This is not a P3P policy"
vary: *
content-length: 2768
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-2-v030-00923ae7d.edge-irl1.demdex.com UNKNOWN
pragma: no-cache
last-modified: Fri, 08 Apr 2022 15:02:23 GMT
server: jag
xserver: anedge-7b6f4bb9f7-k9qsj
etag: 3541938719938805760-4619433125565444097
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Wed, 06 Apr 2022 15:02:23 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: d9.flashtalking.com
URL: https://d9.flashtalking.com/lgc

Verdicts & Comments Add Verdict or Comment

209 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 06:28:15	Name: _GRECAPTCHA Value: 09AG0dS7t5yjvkTn8ezJAHzQt0R5SonB2kf9gSbTwFdQaoFRBgiwBqDt9L8mCOlXOCmGrPksdV27fotasOi0rR1d4
citibank.payment-alert.app/	1970-01-20 02:52:15	Name: X2NzX2xpbmtfaWQ6MTQ4NDI5MzI Value: NTczNDEzNjM
citibank.payment-alert.app/	1969-12-31 23:59:59	Name: _cs_link_id Value: MTQ4NDI5MzI
.citibank.com.au/	1969-12-31 23:59:59	Name: at_check Value: true
.demdex.net/	1970-01-20 06:28:15	Name: demdex Value: 29713855859050583090002729657902310008
.www1.citibank.com.au/	1969-12-31 23:59:59	Name: AMCVS_9D2361D45DFA6F800A495FEF%40AdobeOrg Value: 1
.citibank.com.au/	1970-01-20 19:43:08	Name: mbox Value: session#5a1c4885c8e5445aa869259002f4d006#1649345601\|PC#5a1c4885c8e5445aa869259002f4d006.37_0#1712588542
.citibank.com.au/	1970-01-20 04:18:39	Name: _gcl_au Value: 1.1.381596095.1649343741
.citibank.com.au/	1970-01-20 04:18:39	Name: _fbp Value: fb.2.1649343741419.1029939884
.everesttech.net/	1970-01-20 10:54:39	Name: everest_g_v2 Value: g_surferid~Yk78-QAAAEOQbAP0
.bing.com/	1970-01-20 11:30:39	Name: MUID Value: 39660AA886AE68481E5F1BD787C569DA
.citibank.com.au/	1970-01-20 19:41:42	Name: adcloud Value: {%22_les_v%22:%22y%2Ccitibank.com.au%2C1649345541%22}
.dpm.demdex.net/	1970-01-20 06:28:15	Name: dpm Value: 29713855859050583090002729657902310008
.doubleclick.net/	1970-01-20 02:09:04	Name: test_cookie Value: CheckForPermission
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
.citibank.com.au/	1970-01-20 19:40:15	Name: s_ecid Value: MCMID%7C23306938742529416040679340218749348185
.www1.citibank.com.au/	1970-01-20 19:41:42	Name: AMCV_9D2361D45DFA6F800A495FEF%40AdobeOrg Value: -1124106680%7CMCIDTS%7C19090%7CMCMID%7C23306938742529416040679340218749348185%7CMCAAMLH-1649948541%7C6%7CMCAAMB-1649948541%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1649350941s%7CNONE%7CMCSYNCSOP%7C411-19097%7CMCAID%7CNONE%7CvVersion%7C5.2.0
.casalemedia.com/	1970-01-20 10:54:39	Name: CMID Value: Yk78-WLkGIWHEkdmE25iBQAA
.casalemedia.com/	1970-01-20 04:18:39	Name: CMPS Value: 3192
.casalemedia.com/	1970-01-20 04:18:39	Name: CMPRO Value: 1112
.casalemedia.com/	1970-01-20 10:54:39	Name: CMRUM3 Value: 58624efcfd2760Yk78-QAAAEOQbAP0
.casalemedia.com/	1970-01-20 02:10:30	Name: CMST Value: Yk78-WJO-P0A
.adnxs.com/	1970-01-20 04:18:39	Name: uuid2 Value: 4302649416117236672
.adnxs.com/	1970-01-20 04:18:39	Name: anj Value: dTM7k!M4.FErk#WF']wIg2In8tGoSs!]tbPl1MwL(!R7qUY$+naZ7utYWJXgMujJPN>^QRXA_NY<QG=%9sk?bIRwi:w9Ld1ItyWc17Mco/y@Yw#ttkF*qs]x
.pubmatic.com/	1970-01-20 04:18:39	Name: KRTBCOOKIE_218 Value: 4056-Yk78-QAAAEOQbAP0&KRTB&22978-Yk78-QAAAEOQbAP0&KRTB&23194-Yk78-QAAAEOQbAP0&KRTB&23209-Yk78-QAAAEOQbAP0
.pubmatic.com/	1970-01-20 02:52:15	Name: PugT Value: 1649343742
.pubmatic.com/	1970-01-20 04:18:39	Name: PUBMDCID Value: 3
.demdex.net/	1970-01-20 06:28:15	Name: dextp Value: 1957-1-1649343741382\|121998-1-1649343741485\|144230-1-1649343741586\|144231-1-1649343741688\|144232-1-1649343741789\|144233-1-1649343741892\|144234-1-1649343741993\|144235-1-1649343742094\|144236-1-1649343742196\|144237-1-1649343742308
.spotxchange.com/	1970-01-20 10:54:43	Name: audience Value: ba3b09cf-b683-11ec-8f9a-10a0cca80406
.citibank.com.au/	1970-01-20 02:52:15	Name: s_nr30 Value: 1649343743181-New
.citibank.com.au/	1970-01-20 10:55:11	Name: s_vnc365 Value: 1680879743181%26vn%3D1
.citibank.com.au/	1970-01-20 02:09:05	Name: s_ivc Value: true
.citibank.com.au/	1970-01-20 02:09:05	Name: s_gpv Value: AU%3APublic%3AHome
.citibank.com.au/	1970-01-20 02:09:05	Name: gpv_Page Value: AU%3APublic%3AHome
.citibank.com.au/	1970-01-20 02:19:08	Name: RT Value: "z=1&dm=citibank.com.au&si=d34f80f4-78e1-4474-83f0-4d17dca857af&ss=l1p4oejl&sl=1&tt=2lr&bcn=%2F%2F684dd328.akstat.io%2F&ld=2lu"

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://citibank.payment-alert.app/js/captcha/verify Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://servedby.flashtalking.com/container/17079;119300;12701;iframe/?U1=&U2=&U3=23306938742529416040679340218749348185&U4=anon&U5=&ft_referrer=https://www1.citibank.com.au/&cb=649557.4906803217 Message: Access to XMLHttpRequest at 'https://d9.flashtalking.com/lgc' from origin 'https://servedby.flashtalking.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://d9.flashtalking.com/lgc Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
c.bing.com
c.go-mpulse.net
citiau.demdex.net
citiau.tt.omtrdc.net
citibank.payment-alert.app
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
d9.flashtalking.com
dpm.demdex.net
dsum-sec.casalemedia.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
image2.pubmatic.com
lasteventf-tm.everesttech.net
marketingportal.citibank.com
maxcdn.bootstrapcdn.com
pixel.everesttech.net
pixel.rubiconproject.com
s.go-mpulse.net
servedby.flashtalking.com
smetrics.citibank.com.au
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.search.spotxchange.com
unpkg.com
us-u.openx.net
www.cdn.citibank.com
www.everestjs.net
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www1.citibank.com.au
d9.flashtalking.com
142.250.184.194
142.250.185.130
15.236.176.210
151.101.66.49
185.33.220.216
185.64.190.80
185.94.180.125
209.197.3.19
23.35.228.247
2606:4700::6810:7daf
2606:4700::6812:bcf
2620:1ec:c11::200
2a00:1450:4001:800::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2003
2a00:1450:4001:813::2004
2a00:1450:4001:828::2003
2a00:1450:4001:830::2008
2a02:26f0:1700:595::44b5
2a02:26f0:3500:798::1e80
2a02:26f0:6c00:282::2928
2a02:26f0:6c00:2b9::11a6
2a02:26f0:fb:188::11a6
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.246.220.204
34.98.64.218
35.226.132.161
52.213.251.128
52.215.248.120
52.50.215.59
54.171.119.76
54.195.123.189
54.75.68.230
69.173.144.139
96.16.137.98
96.16.147.243
0518c50b8f0ca1f7ba01c80cb0eec09b78a42491b89a263c5b9c58bb1bc78013
055e467aa53a9c0272d805bbc009ade8c74df5a8c1255271d753ac78fe179873
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0a375e8d1b186dc6d87de0a6a30382423b7c357b1f0d4d0692ce90d8323b93dd
0ad4cfe33135debcfe532bbc96cb393550991045acb80918e75591592a204721
0b303486d384390631c498d4dafe92cf21e714d1d9ead843c12644fe8b5441c0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bce78c604898c558cdcf3c45023436cb2cf52b5f1b42238cf6541625c21f527
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
179bd49748ee18f1f18d1559d0b13fad3bd4ba6f47d8a075ccea2a561efb74a5
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
33589bf39c2afc1e9f8d6f0c50b5e3840bbf5fa54a18f278116dc799fc144cc0
36f5959d29a589389a72cfbb32121fb47fcc3f0b703aef7d0e0bb6392233e136
37b6268dbc79babdb97441fa82af249cfe74654ab695fc39ee36636dd91c9808
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51540e98209e949f0a7f01c1332f6bf5dfe526adeaabe2705f42184d721f90b1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55e066703c69d4d89a1f4d66794d474aa93d710624d8f807096bac17a7867b17
55f527615ac9b972aa403825784ead7942cd799f5f710cc13b7dd7b662ae7b02
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5d724718dbee04b9180ecc4e106b227596de0afc5eddb68067b862ffc8b5a984
5f6afc1e56d162d01256dc07f2c617c13063323d2cd10d54e565d20943dc2f62
67c1197923b6c103ac40f4fa5b9f44df27f194e81870d69f497083753d594925
69afb475cded6c133f0a4cf680220451a7d33bff7c177a7520c27316d74997d7
6e97f89e0d33c7c7e52cead447b12b0fe0b9f441ebcd6c7cc1a0897da84b9522
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7cb24e06c00e47bb6bc6c38b935d6bc62817f656703387e4fb7591add96c7454
7cc6f6d02690e7e57e8de5d32668ea2665596ccb32afdd18bcaea59e8a083d71
7ce02e0f563c14e7fd2d3249c13317e74fef66108f27096bf04a04552aa0c99c
7e444476f6cbc1940e455e11f69db7e2d41781651e193769f48792fa6e7d1eda
89290d4672ac1ce466302360408c73c96d10cc7ad67a4a3f972563c88efc1b67
8ea6d7938186adf5242501f1c4b21c4ee41b8dc592867e115ce64ae23cf09697
937484cf9da529f89806800c7f473bf3c5928607662fa046a5ce4cf85b3abd0e
937f28029004f6fd665ec1e558a5d283ecc60ce9000d134965e2e327b282e879
ab5351bd9526d7495a4f0a304c190bb8616b99c1c58e1899638b9ea4a60a88c8
abb45ae4b3a896ae99132c1786a9676218c119ea552d3fbb5ab6d40d9e05e43c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4b523e88ce6c4b3f151b6494df6d644a2de9249c793ffcc88a32c4b0523299d
b56f9c74fd00dd556e47b8896b128bbed015531d832f1132c2a074b1449ab4cc
b84f240c59d2dea87e89eec348fc43db20451a808a9333cd80482fc8fc6c8172
bac148906449bb5ee593a1584dfa2293acc5c51c88814633062f5b669697cacc
c44b188d702a60379c4a1f1187cb5be0424c5aa442b47238fb2f272b0cd9008f
d30ce9c5ac166090a7000f37b89cccd2f3e92cef7da1051791c99dabc2f1dcc8
d4e77c7411d1de6efebf4278b9c98aa77dc2e5186cee271ac256138f17bef9f4
d5490304a61adc923ff3abb23970efce7a4bb87e06cc7e28effe0434dfbfa542
d6f127a6b42cfffdb932b2a79b50f7684b1eea24052666d97e2ab3845060acb6
df2c6b3323df9e9451d9c892b9d44aa30903fd94e2a92951a11162e709bc7f90
dfd7813d457c7e9dbec1aa447d797b177797a740b2d1869ed6e4d63b2da10d13
dff2681d8f5f16b61b464b599d7c62f61efe496b54a77044145495bc8cad36d0
e235fb2fc6e984641014bca28416e61d8d256830d531c4e0217590a80c4cd510
e2f3938af908b4f13928ba044d70c9e0a5162c8e3e3987a84b2363da84bd52ab
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6180723277760a2b710d8ce78ee4f93b78aec6a9378983bede2627eaced0a2e
e8bba8f0f8f5c5fee907cbb9af6838d8bc2616ca10e7e723a5503cee109a5d4f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5de10f24f1567df11b784ca5380c0805372a1f0d7276319a2c9685e1483de9a
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f996cda08b2649a38263ccf0d1ba02a5e6443c14976d17e92cd2d170c3024b93
fc203774b220144d4830160109665edef863f2340b64e13ab7c63466cc69919c
fc23ba8d5567a8bd8b0185acf1bb1aabcc5cec8c8c1ed490945b57834599ea4a

www1.citibank.com.au Open in urlscan Pro 96.16.137.98 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

75 Requests

77 %HTTPS

43 %IPv6

28 Domains

38 Subdomains

35 IPs

6 Countries

2928 kBTransfer

6661 kBSize

35 Cookies

35 Outgoing links

Page URL History

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www1.citibank.com.au Open in urlscan Pro
96.16.137.98 Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

77 %
HTTPS

43 %
IPv6

28
Domains

38
Subdomains

35
IPs

6
Countries

2928 kB
Transfer

6661 kB
Size

35
Cookies

75 HTTP transactions
1 data transactions