swiftapp.zenis.ca
209.44.109.90
Malicious Activity!
Public Scan
Submission: On February 21 via automatic, source openphish
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on December 11th 2019. Valid for: 3 months.
This is the only time swiftapp.zenis.ca was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Citibank (Banking)
Domain & IP information
Domain | ASN | PTR |
---|---|---|
swiftapp.zenis.ca | ASN10929 (NETELLIGENT, CA) | server.zenis.ca |
nexus.ensighten.com | ASN16509 (AMAZON-02, US) | ec2-18-195-42-228.eu-central-1.compute.amazonaws.com |
api.rlcdn.com | ASN15169 (GOOGLE, US) | 68.174.244.35.bc.googleusercontent.com |
tags.bkrtx.com | ASN16625 (AKAMAI-AS, US) | a23-62-118-129.deploy.static.akamaitechnologies.com |
cyseal.cyveillance.com | ASN14618 (AMAZON-AES, US) | ec2-3-212-137-125.compute-1.amazonaws.com |
insight.adsrvr.org | ASN16509 (AMAZON-02, US) | ec2-52-17-96-142.eu-west-1.compute.amazonaws.com |
c1.rfihub.net | ASN16625 (AKAMAI-AS, US) | a104-103-105-126.deploy.static.akamaitechnologies.com |
cfr.us.v2.we-stats.com | ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | |
udc-neb.kampyle.com | ASN15169 (GOOGLE, US) | 82.45.241.35.bc.googleusercontent.com |
sr.rlcdn.com | ASN15169 (GOOGLE, US) | 21.72.190.35.bc.googleusercontent.com |
js.adsrvr.org | ASN16509 (AMAZON-02, US) | server-143-204-207-113.fra53.r.cloudfront.net |
resources.digital-cloud-citi.medallia.com | ASN54113 (FASTLY, US) | |
cdn.pbbl.co | ASN16509 (AMAZON-02, US) | server-143-204-202-100.fra53.r.cloudfront.net |
stags.bluekai.com | ASN20940 (AKAMAI-ASN1, US) | a23-45-237-36.deploy.static.akamaitechnologies.com |
www.googletagmanager.com | ASN15169 (GOOGLE, US) | |
89oebq5k-6a5e090fd3f8d4785b1b465efc345e2e8fe0161f-am1.e.aa.online-metrix.net | ASN30286 (THM, US) | |
aa.agkn.com | ASN16509 (AMAZON-02, US) | ec2-52-57-76-228.eu-central-1.compute.amazonaws.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
80 | zenis.ca | swiftapp.zenis.ca | 3 MB |
18 | google.com | www.google.com, cse.google.com | 102 KB |
14 | google.co.za | www.google.co.za | 2 KB |
11 | citi.com | content22.online.citi.com | 47 KB |
7 | ensighten.com | nexus.ensighten.com | 65 KB |
4 | pbbl.co (1 redirects) | cdn.pbbl.co, px0.pbbl.co | 9 KB |
3 | online-metrix.net | h.online-metrix.net, 89oebq5k-6a5e090fd3f8d4785b1b465efc345e2e8fe0161f-am1.e.aa.online-metrix.net | 826 B |
3 | googletagmanager.com | www.googletagmanager.com | 84 KB |
3 | kampyle.com | nebula-cdn.kampyle.com, udc-neb.kampyle.com | 5 KB |
3 | adsrvr.org | insight.adsrvr.org, js.adsrvr.org | 2 KB |
3 | rlcdn.com | api.rlcdn.com, sr.rlcdn.com | 40 B |
2 | medallia.com | resources.digital-cloud-citi.medallia.com | 55 KB |
2 | rfihub.com | a.rfihub.com, 20766699p.rfihub.com | 679 B |
1 | agkn.com (1 redirects) | aa.agkn.com | 398 B |
1 | bluekai.com | stags.bluekai.com | |
1 | we-stats.com | cfr.us.v2.we-stats.com | 559 B |
1 | rfihub.net | c1.rfihub.net | 7 KB |
1 | cyveillance.com | cyseal.cyveillance.com | 226 B |
1 | bkrtx.com | tags.bkrtx.com | 10 KB |
Total: 158 requests, 19 apex domains
Requests | Domain | Requested by |
---|---|---|
80 | swiftapp.zenis.ca | swiftapp.zenis.ca |
17 | www.google.com | swiftapp.zenis.ca, cse.google.com |
14 | www.google.co.za | swiftapp.zenis.ca |
11 | content22.online.citi.com | swiftapp.zenis.ca, content22.online.citi.com |
7 | nexus.ensighten.com | swiftapp.zenis.ca |
3 | www.googletagmanager.com | swiftapp.zenis.ca |
2 | px0.pbbl.co (1 redirects) | |
2 | h.online-metrix.net | content22.online.citi.com |
2 | cdn.pbbl.co | nexus.ensighten.com, cdn.pbbl.co |
2 | resources.digital-cloud-citi.medallia.com | nexus.ensighten.com, swiftapp.zenis.ca |
2 | sr.rlcdn.com | swiftapp.zenis.ca, nexus.ensighten.com |
2 | udc-neb.kampyle.com | swiftapp.zenis.ca |
2 | insight.adsrvr.org | swiftapp.zenis.ca, js.adsrvr.org |
1 | aa.agkn.com (1 redirects) | |
1 | 89oebq5k-6a5e090fd3f8d4785b1b465efc345e2e8fe0161f-am1.e.aa.online-metrix.net | |
1 | stags.bluekai.com | tags.bkrtx.com |
1 | js.adsrvr.org | swiftapp.zenis.ca |
1 | nebula-cdn.kampyle.com | swiftapp.zenis.ca |
1 | cfr.us.v2.we-stats.com | swiftapp.zenis.ca |
1 | 20766699p.rfihub.com | c1.rfihub.net |
1 | a.rfihub.com | c1.rfihub.net |
1 | c1.rfihub.net | nexus.ensighten.com |
1 | cyseal.cyveillance.com | swiftapp.zenis.ca |
1 | cse.google.com | swiftapp.zenis.ca |
1 | tags.bkrtx.com | nexus.ensighten.com |
1 | api.rlcdn.com | swiftapp.zenis.ca |
Total: 158 requests, 26 domains
Subject | Issuer | Validity | Valid |
---|---|---|---|
swiftapp.zenis.ca | cPanel, Inc. Certification Authority | 2019-12-11 - 2020-03-10 | 3 months |
nexus.ensighten.com | DigiCert SHA2 Secure Server CA | 2019-10-03 - 2020-10-02 | a year |
www.google.com | GTS CA 1O1 | 2020-01-29 - 2020-04-22 | 3 months |
*.google.co.za | GTS CA 1O1 | 2020-02-12 - 2020-05-06 | 3 months |
*.rlcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2019-04-24 - 2020-04-23 | a year |
*.bkrtx.com | DigiCert SHA2 Secure Server CA | 2018-12-03 - 2020-03-03 | a year |
*.google.com | GTS CA 1O1 | 2020-01-29 - 2020-04-22 | 3 months |
cyseal.cyveillance.com | Amazon | 2020-01-05 - 2021-02-05 | a year |
*.adsrvr.org | Trustwave Organization Validation SHA256 CA, Level 1 | 2019-03-07 - 2021-04-19 | 2 years |
*.rfihub.net | DigiCert SHA2 Secure Server CA | 2019-01-25 - 2020-04-25 | a year |
*.rfihub.com | DigiCert SHA2 Secure Server CA | 2019-08-27 - 2020-08-31 | a year |
*.us.v2.we-stats.com | COMODO RSA Domain Validation Secure Server CA | 2018-10-11 - 2020-10-10 | 2 years |
j.ssl.fastly.net | GlobalSign Organization Validation CA - SHA256 - G2 | 2020-02-06 - 2020-06-11 | 4 months |
*.kampyle.com | RapidSSL RSA CA 2018 | 2020-02-11 - 2022-03-06 | 2 years |
*.digital-cloud-citi.medallia.com | SSL.com DV CA | 2018-11-13 - 2020-11-12 | 2 years |
*.pbbl.co | Amazon | 2020-01-01 - 2021-02-01 | a year |
content22.online.citi.com | DigiCert SHA2 Extended Validation Server CA | 2018-08-06 - 2020-08-06 | 2 years |
odc-prod-01.oracle.com | DigiCert ECC Secure Server CA | 2018-12-10 - 2020-03-10 | a year |
*.google-analytics.com | GTS CA 1O1 | 2020-01-29 - 2020-04-22 | 3 months |
h.online-metrix.net | Thawte TLS RSA CA G1 | 2018-03-22 - 2020-03-21 | 2 years |
*.e.aa.online-metrix.net | Go Daddy Secure Certificate Authority - G2 | 2019-09-13 - 2021-09-13 | 2 years |
px0.pbbl.co | GTS CA 1D2 | 2019-12-31 - 2020-03-30 | 3 months |
This page contains 19 frames:
Primary Page:
https://swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/?73776966746170702e7a656e69732e6361
Frame ID: 0D6C1F86DCF708AA3A5C32D1B5239410
Requests: 127 HTTP requests in this frame
Frame:
https://swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/425466.htm
Frame ID: D4233C28849265C39330B21E6FF33224
Requests: 2 HTTP requests in this frame
Frame:
https://swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/a.htm
Frame ID: 22FBAD0EB97E90B913BC119521A8D345
Requests: 1 HTTP requests in this frame
Frame:
https://swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/HP.htm
Frame ID: 7B9924849D787738C06D448CB1788F0B
Requests: 4 HTTP requests in this frame
Frame:
https://swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/a.htm
Frame ID: E24AD71E93561B154199613F42757363
Requests: 1 HTTP requests in this frame
Frame:
https://swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/63068.htm
Frame ID: 9AA1A99FEE4A3A10DAB2D9C5816AF1CD
Requests: 1 HTTP requests in this frame
Frame:
https://swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/activityi.htm
Frame ID: 7F135EC03E66C5412328E0D9CB4D88B1
Requests: 1 HTTP requests in this frame
Frame:
https://insight.adsrvr.org/track/up?adv=1jw5cvl&ref=https%3A%2F%2Fonline.citi.com%2FUS%2Flogin.do&upid=t1sl5ty&upv=1.1.0&orderid={orderid}&v={v}&vf={vf}&td1=jUSCBOL_Loginpage_Uncookied&td2=undefined&td3=undefined&td4=Non%20Cookied%20Username%20Password%20&td5=https://online.citi.com/US/login.do&td6={td6}&td7={td7}&td8={td8}&td9={td9}&td10={td10}
Frame ID: B812374ECDDB777992C035B1E2F7FED1
Requests: 1 HTTP requests in this frame
Frame:
https://20766699p.rfihub.com/ca.html?rfiidc=1582522692157692654&rfiaid=2ebbe718181a4d81a48fd139413654a7&ver=9&ra=1874&rb=648&ca=20766699&_o=17169175&_t=&ssv_cuuid=&ssv_pagename=&pe=https%3A%2F%2Fswiftapp.zenis.ca%2Fciti%2F480de2a8f687e20459b6e09111794fb3%2FLogonHandler%2F%3F73776966746170702e7a656e69732e6361&pf=&ra=7202793829923226
Frame ID: A26F739B7B4A99143CE32C5C6528BAC4
Requests: 1 HTTP requests in this frame
Frame:
https://swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/activityi_data/src6260004.htm
Frame ID: 75ACB756D37954B9FBA1180FDDBD9D4F
Requests: 1 HTTP requests in this frame
Frame:
https://swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/activityi_data/src6260004_data/src6260004.htm
Frame ID: 4C3E2EE9B557CDB976927AE85BB59079
Requests: 1 HTTP requests in this frame
Frame:
https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
Frame ID: 869514998505D4D602572221C32C1B47
Requests: 1 HTTP requests in this frame
Frame:
https://content22.online.citi.com/fp/check.js;CIS3SID=64945DE4D557BBFF5D8DB7070FC5C2D3?org_id=89oebq5k&session_id=580affb0062788a253837de069fcf880e9739e2e259194014933e2574b3fdac7&nonce=1860c909d3a99019&pageid=1&jb=333f262668716d753d4e6b6c7d702668736d354e6b6e7578246271603f4b60726f6567273a303534
Frame ID: 1BED90580AB6C407F9DAF9E35483FB41
Requests: 10 HTTP requests in this frame
Frame:
https://stags.bluekai.com/site/63068?ret=html&phint=language&phint=product&phint=event&phint=category&phint=page&phint=section1&phint=section2&phint=section3&phint=section4&phint=bankappstatus&phint=productID&phint=__bk_t%3DOnline%20Banking%2C%20Mortgages%2C%20Personal%20Loans%2C%20Investing%20%7C%20Citi.com&phint=__bk_k%3Dbanking%2C%20citi%2C%20financial%20services%2C%20checking%20account%2C%20savings%20account%2C%20credit%20cards&phint=__bk_l%3Dhttps%3A%2F%2Fswiftapp.zenis.ca%2Fciti%2F480de2a8f687e20459b6e09111794fb3%2FLogonHandler%2F%3F73776966746170702e7a656e69732e6361&phint=__bk_v%3D3.1.3&limit=10&r=98211679
Frame ID: 6355C307D05631B51A64ACEAC46780CD
Requests: 1 HTTP requests in this frame
Frame:
https://cdn.pbbl.co/i/pp.html
Frame ID: DA01E4BFF1D4AD1B7607862F1994D1C3
Requests: 1 HTTP requests in this frame
Frame:
https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=99CD67172F89E6C3B89985E591887A07?org_id=89oebq5k&session_id=580affb0062788a253837de069fcf880e9739e2e259194014933e2574b3fdac7&nonce=1860c909d3a99019&pageid=1
Frame ID: E70A0592B694870DEF810960DA832767
Requests: 1 HTTP requests in this frame
Frame:
https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=99CD67172F89E6C3B89985E591887A07?org_id=89oebq5k&session_id=580affb0062788a253837de069fcf880e9739e2e259194014933e2574b3fdac7&nonce=1860c909d3a99019&pageid=1
Frame ID: 87ADD24D8EFD0E3EAD7A111244308630
Requests: 1 HTTP requests in this frame
Frame:
https://content22.online.citi.com/fp/top_fp.html;CIS3SID=99CD67172F89E6C3B89985E591887A07?org_id=89oebq5k&session_id=580affb0062788a253837de069fcf880e9739e2e259194014933e2574b3fdac7&nonce=1860c909d3a99019&pageid=1
Frame ID: 343FC6FAEAE72A2CB401ACDA622C7A63
Requests: 1 HTTP requests in this frame
Frame:
https://insight.adsrvr.org/track/up?adv=1jw5cvl&ref=https%3A%2F%2Fswiftapp.zenis.ca%2Fciti%2F480de2a8f687e20459b6e09111794fb3%2FLogonHandler%2F%3F73776966746170702e7a656e69732e6361&upid=t1sl5ty&upv=1.1.0&orderid={orderid}&v={v}&vf={vf}&td1=undefined&td2=undefined&td3=undefined&td4=undefined&td5=https://swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/?73776966746170702e7a656e69732e6361&td6={td6}&td7={td7}&td8={td8}&td9={td9}&td10={td10}
Frame ID: 4A8320EDFBF3D704A5A0C053F13A3600
Requests: 1 HTTP requests in this frame
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Ensighten (Tag Managers)
Detected patterns
- script /\/\/nexus\.ensighten\.com\//i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
47 Outgoing links
These are links going to different origins than the main page.
Title: Español
Title: Open an Account
Title: ATM / Branch
Title: Citi Bank Logo
Title: View All Credit Cards
Title: 0% Intro APR Credit Cards
Title: Balance Transfer Credit Cards
Title: Rewards Credit Cards
Title: See If You're Pre-Qualified
Title: Small Business Credit Cards
Title: Banking Overview
Title: Checking
Title: Savings
Title: Certificates of Deposit
Title: Banking IRAs
Title: Rates
Title: Small Business
Title: Personal Loans & Lines of Credit
Title: Mortgage
Title: Home Equity
Title: Your Financial Goals
Title: Investing with Citi
Title: Insights and Tools
Title: Citigold®
Title:
Title:
Title:
Title: Our Story
Title: Careers
Title: Benefits and Services
Title: Rewards
Title: Citi Easy Deals℠
Title: Citi Entertainment℠
Title: Special Offers
Title: Citi Priority
Title: Citi Private Bank
Title: Commercial Accounts
Title: Mortgage
Title: Home Equity
Title: Lending
Title: Contact Us
Title: Help & FAQs
Title: Security Center
Title:
Title:
Title: International Personal Bank U.S.
Title: jdpower.com/awards
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 155
- https://px0.pbbl.co/ns/__p2.gif?ppid=1c11db15-4d67-4e84-8dfc-990fb86a01e2&chk=false&brid=1560&brcid=&email=&orderId=&orderValue=&productId=&offerCode=&label=&pageUrl=https%3A%2F%2Fswiftapp.zenis.ca%2Fciti%2F480de2a8f687e20459b6e09111794fb3%2FLogonHandler%2F%3F73776966746170702e7a656e69732e6361&referrerUrl=&targetUrl=https%3A%2F%2Fswiftapp.zenis.ca%2Fciti%2F480de2a8f687e20459b6e09111794fb3%2FLogonHandler%2F%3F73776966746170702e7a656e69732e6361&sessionId=&markerType=seg&rand=vEOK9SkPnbYbJKXi&iabOptOut=-&jsVer=3.2.1&frVer=1.1&markerId=348192 HTTP 302
- https://aa.agkn.com/adscores/g.pixel?sid=9212282598&_ppid=1c11db15-4d67-4e84-8dfc-990fb86a01e2&_segid=99&iid=53f1c046-6fcf-4fe6-8adb-b7b74b2affca HTTP 302
- https://px0.pbbl.co/adadvisor.gif?segment=000&_ppid=1c11db15-4d67-4e84-8dfc-990fb86a01e2&_segid=99&_zip=&hk=&iid=53f1c046-6fcf-4fe6-8adb-b7b74b2affca&mt=&bd=
158 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/ |
142 KB 142 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
conversion_async.js
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
25 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
73 KB 73 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js_002
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
73 KB 73 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.css
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
45 KB 45 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ddl.css
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
624 KB 624 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jfpm.js
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main_branding.css
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
271 KB 272 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vendor.js
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
204 KB 204 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Bootstrap.js
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
200 KB 200 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
target.js
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
43 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ajax
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
812 B 1 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
homePage.css
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
24 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.js
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
6 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fp.js
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
15 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
citilive-search-responsive.css
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
58 KB 58 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cse_element__en.js
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
257 KB 257 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
defaulten.css
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
40 KB 40 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
default.css
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
11 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.js
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
96 B 349 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tags.js
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
48 KB 49 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
embed.js
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
a_006
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
2 KB 3 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
a_005
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
2 KB 3 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
a_003
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
2 KB 3 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
a_004
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
2 KB 3 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
a_002
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
2 KB 3 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
a_013
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
2 KB 3 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
a_014
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
2 KB 3 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
a_007
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
2 KB 3 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
a
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
2 KB 3 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
a_008
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
2 KB 3 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
a_012
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
2 KB 3 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
a_010
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
2 KB 3 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
a_011
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
2 KB 3 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
a_009
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
2 KB 3 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
463166.gif
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
42 B 282 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bcsid.js
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
947 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
BiocatchATO.js
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
338 KB 338 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cbol-smartSearch.css
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
8 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
search-white.png
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
429 B 670 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
citiHomePage.js
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
14 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
peworkflow.js
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
5 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
2019CertifiedMobileApp.png
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
28 KB 29 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
oo_engine.js
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
42 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ddl.js
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
64 KB 64 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.js
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
33 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
citilive-search.js
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
2 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cbol-smartSearch-inject.js
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
10 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
TMXProfiling.js
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
siteseal2p.js
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
685 B 939 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cobrowse_overlay.css
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
7 KB 7 KB |
Stylesheet
text/css |
GET H/1.1 |
citilive-search-library.js
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
179 KB 179 KB |
Script
application/javascript |
GET H/1.1 |
citilive-search-service.js
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
9 KB 9 KB |
Script
application/javascript |
GET H/1.1 |
citi-search-tmpl.js
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
18 KB 18 KB |
Script
application/javascript |
GET H/1.1 |
citilive-search-controller.js
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
110 KB 111 KB |
Script
application/javascript |
GET H/1.1 |
generic1575489016292.js
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
279 KB 279 KB |
Script
application/javascript |
GET H/1.1 |
uidm.htm
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
5 KB 5 KB |
Image
text/html |
GET H/1.1 |
copy_copy_1551286869362_Feedback.png
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ |
2 KB 2 KB |
Image
image/png |
GET H2 |
e.gif
nexus.ensighten.com/error/ |
0 106 B |
Image
text/plain |
GET H2 |
/
www.google.com/pagead/1p-user-list/959299794/ |
42 B 110 B |
Image
image/gif |
GET H2 |
/
www.google.co.za/pagead/1p-user-list/959299794/ |
42 B 110 B |
Image
image/gif |
GET H2 |
/
www.google.com/pagead/1p-user-list/960621875/ |
42 B 110 B |
Image
image/gif |
GET H2 |
/
www.google.co.za/pagead/1p-user-list/960621875/ |
42 B 110 B |
Image
image/gif |
GET H2 |
/
www.google.com/pagead/1p-user-list/916451471/ |
42 B 110 B |
Image
image/gif |
GET H2 |
/
www.google.co.za/pagead/1p-user-list/916451471/ |
42 B 110 B |
Image
image/gif |
GET H2 |
/
www.google.com/pagead/1p-user-list/975701947/ |
42 B 110 B |
Image
image/gif |
GET H2 |
/
www.google.co.za/pagead/1p-user-list/975701947/ |
42 B 110 B |
Image
image/gif |
GET H2 |
/
www.google.com/pagead/1p-user-list/770961656/ |
42 B 110 B |
Image
image/gif |
GET H2 |
/
www.google.co.za/pagead/1p-user-list/770961656/ |
42 B 110 B |
Image
image/gif |
GET H2 |
/
www.google.com/pagead/1p-user-list/819500023/ |
42 B 110 B |
Image
image/gif |
GET H2 |
/
www.google.co.za/pagead/1p-user-list/819500023/ |
42 B 110 B |
Image
image/gif |
GET H2 |
/
www.google.com/pagead/1p-user-list/763960929/ |
42 B 110 B |
Image
image/gif |
GET H2 |
/
www.google.co.za/pagead/1p-user-list/763960929/ |
42 B 110 B |
Image
image/gif |
GET H2 |
/
www.google.com/pagead/1p-user-list/959299794/ |
42 B 110 B |
Image
image/gif |
GET H2 |
/
www.google.co.za/pagead/1p-user-list/959299794/ |
42 B 110 B |
Image
image/gif |
GET H2 |
/
www.google.com/pagead/1p-user-list/960621875/ |
42 B 110 B |
Image
image/gif |
GET H2 |
/
www.google.co.za/pagead/1p-user-list/960621875/ |
42 B 110 B |
Image
image/gif |
GET H2 |
/
www.google.com/pagead/1p-user-list/916451471/ |
42 B 110 B |
Image
image/gif |
GET H2 |
/
www.google.co.za/pagead/1p-user-list/916451471/ |
42 B 110 B |
Image
image/gif |
GET H2 |
serverComponent.php
nexus.ensighten.com/citi/na_prod/ |
1 KB 677 B |
Script
text/javascript |
GET H2 |
/
www.google.com/pagead/1p-user-list/975701947/ |
42 B 110 B |
Image
image/gif |
GET H2 |
/
www.google.co.za/pagead/1p-user-list/975701947/ |
42 B 110 B |
Image
image/gif |
GET H2 |
/
www.google.com/pagead/1p-user-list/770961656/ |
42 B 110 B |
Image
image/gif |
GET H2 |
/
www.google.co.za/pagead/1p-user-list/770961656/ |
42 B 110 B |
Image
image/gif |
GET H2 |
/
www.google.com/pagead/1p-user-list/819500023/ |
42 B 110 B |
Image
image/gif |
GET H2 |
/
www.google.co.za/pagead/1p-user-list/819500023/ |
42 B 110 B |
Image
image/gif |
GET H2 |
/
www.google.com/pagead/1p-user-list/763960929/ |
42 B 110 B |
Image
image/gif |
GET H2 |
/
www.google.co.za/pagead/1p-user-list/763960929/ |
42 B 110 B |
Image
image/gif |
GET H2 |
identity
api.rlcdn.com/api/ |
0 0 |
XHR
text/plain |
GET H2 |
70b8eff5831bcc37c1deb079a596efec.js
nexus.ensighten.com/citi/na_prod/code/ |
96 KB 22 KB |
Script
application/javascript |
GET H2 |
fdf45a7c15c1cee06bb71e10dac4e26e.js
nexus.ensighten.com/citi/na_prod/code/ |
989 B 1 KB |
Script
application/javascript |
GET H2 |
d4ef2cb28df25a03d6ce395df4f7ea59.js
nexus.ensighten.com/citi/na_prod/code/ |
125 KB 34 KB |
Script
application/javascript |
GET H2 |
2332b821d4e4d232bc6dcfc3863a9959.js
nexus.ensighten.com/citi/na_prod/code/ |
29 KB 7 KB |
Script
application/javascript |
GET H2 |
8637af7c210f4e79436bc39f71b49bfa.js
nexus.ensighten.com/citi/na_prod/code/ |
1 KB 728 B |
Script
application/javascript |
GET H/1.1 |
bk-coretag.js
tags.bkrtx.com/js/ |
27 KB 10 KB |
Script
text/javascript |
GET BLOB |
9273b22d-344a-448d-adce-ed07f1b48edc
https://swiftapp.zenis.ca/ |
138 KB 0 |
Other
application/javascript |
GET H/1.1 |
Citi-Enterprise-White.png
swiftapp.zenis.ca/GFC/branding/img/ |
5 KB 5 KB |
Image
text/html |
GET H/1.1 |
Interstate-Light.woff
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/fonts/interstate/ |
5 KB 9 KB |
Font
text/html |
GET H/1.1 |
Interstate-Bold.woff
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/fonts/interstate/ |
5 KB 10 KB |
Font
text/html |
GET H/1.1 |
Citi-Branding-Sprite.png
swiftapp.zenis.ca/GFC/branding/img/ |
5 KB 5 KB |
Image
text/html |
GET H/1.1 |
appStore_1px.png
swiftapp.zenis.ca/GFC/branding/responsivebranding/img/ |
5 KB 5 KB |
Image
text/html |
GET H/1.1 |
googlePlay_1px.png
swiftapp.zenis.ca/GFC/branding/responsivebranding/img/ |
5 KB 5 KB |
Image
text/html |
GET H/1.1 |
arrow-btn-next-white-sm-bold.svg
swiftapp.zenis.ca/CBOL/common/ui/ddl/theme/latest/images/icons/svgs/arrows/ |
822 B 822 B |
Image
text/html |
GET H/1.1 |
oo_icon_retina.gif
swiftapp.zenis.ca/GFC/branding/olab/images/ |
821 B 821 B |
Image
text/html |
GET H2 |
cse.js
cse.google.com/cse/ |
11 KB 4 KB |
Script
text/javascript |
GET H/1.1 |
cyss.js
cyseal.cyveillance.com/SiteSeal/ |
0 226 B |
Script
application/javascript |
GET H/1.1 |
425466.htm
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ Frame D423 |
3 KB 3 KB |
Document
text/html |
GET H/1.1 |
a.htm
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ Frame 22FB |
108 B 349 B |
Document
text/html |
GET H/1.1 |
HP.htm
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ Frame 7B99 |
19 KB 19 KB |
Document
text/html |
GET H/1.1 |
a.htm
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ Frame E24A |
108 B 349 B |
Document
text/html |
GET H/1.1 |
63068.htm
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ Frame 9AA1 |
151 B 392 B |
Document
text/html |
GET H/1.1 |
activityi.htm
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/ Frame 7F13 |
376 B 617 B |
Document
text/html |
GET H2 |
up
insight.adsrvr.org/track/ Frame B812 |
0 0 |
Document
text/html |
GET H/1.1 |
tc.min.js
c1.rfihub.net/js/ |
20 KB 7 KB |
Script
application/x-javascript |
GET H2 |
cse_element__de.js
www.google.com/cse/static/element/8b2252448421acb3/ |
257 KB 85 KB |
Script
text/javascript |
GET H2 |
default+de.css
www.google.com/cse/static/element/8b2252448421acb3/ |
40 KB 9 KB |
Stylesheet
text/css |
GET H2 |
default.css
www.google.com/cse/static/style/look/v3/ |
11 KB 3 KB |
Stylesheet
text/css |
GET H/1.1 |
Interstate-Bold.ttf
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/fonts/interstate/ |
5 KB 10 KB |
Font
text/html |
GET H/1.1 |
idr.js
a.rfihub.com/ |
83 B 679 B |
Script
application/javascript |
GET H/1.1 |
Cookie set
ca.html
20766699p.rfihub.com/ Frame A26F |
0 0 |
Document
text/html |
GET H/1.1 |
cr.png
cfr.us.v2.we-stats.com/api/v1/ |
0 559 B |
XHR
text/html |
GET H/1.1 |
Interstate-Light.ttf
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/fonts/interstate/ |
5 KB 9 KB |
Font
text/html |
GET H2 |
cool-2.1.15.min.js
nebula-cdn.kampyle.com/resources/onsite/js/ |
14 KB 5 KB |
Script
application/javascript |
GET H2 |
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ |
0 79 B |
Image
image/gif |
GET H/1.1 |
check.js
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/HP_data/ Frame 7B99 |
120 KB 120 KB |
Script
application/javascript |
GET H/1.1 |
ARF
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/HP_data/ Frame 7B99 |
35 B 251 B |
Script
text/plain |
GET H/1.1 |
src6260004.htm
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/activityi_data/ Frame 75AC |
377 B 618 B |
Document
text/html |
GET H2 |
1000.gif
sr.rlcdn.com/ Frame D423 |
0 40 B |
Image
text/plain |
GET H/1.1 |
src6260004.htm
swiftapp.zenis.ca/citi/480de2a8f687e20459b6e09111794fb3/LogonHandler/citi_files/activityi_data/src6260004_data/ Frame 4C3E |
265 B 506 B |
Document
text/html |
POST H/1.1 |
TMXProfile.jws
swiftapp.zenis.ca/US/REST/ManageTMXProfile/ |
5 KB 9 KB |
XHR
text/html |
GET H/1.1 |
up_loader.1.1.0.js
js.adsrvr.org/ |
4 KB 2 KB |
Script
application/x-javascript |
GET H2 |
embed.js
resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/ |
2 KB 771 B |
Script
application/javascript |
GET H2 |
425466.html
sr.rlcdn.com/ Frame 8695 |
0 0 |
Document
text/plain |
GET H2 |
1560.js
cdn.pbbl.co/r/ |
31 KB 9 KB |
Script
application/javascript |
GET H/1.1 |
check.js;CIS3SID=64945DE4D557BBFF5D8DB7070FC5C2D3
content22.online.citi.com/fp/ Frame 1BED |
173 KB 44 KB |
Script
text/javascript |
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame 1BED |
81 B 475 B |
Image
image/png |
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame 1BED |
81 B 475 B |
Image
image/png |
GET H2 |
generic1575489016292.js
resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/ |
279 KB 55 KB |
Script
application/javascript |
GET H/1.1 |
63068
stags.bluekai.com/site/ Frame 6355 |
0 0 |
Document
text/html |
GET H2 |
js
www.googletagmanager.com/gtag/ |
74 KB 28 KB |
Script
application/javascript |
GET H2 |
js
www.googletagmanager.com/gtag/ |
74 KB 28 KB |
Script
application/javascript |
GET H2 |
js
www.googletagmanager.com/gtag/ |
74 KB 28 KB |
Script
application/javascript |
GET H/1.1 |
ARF;CIS3SID=C709CA22799E54D539694CB9ACE5A510
content22.online.citi.com/fp/ Frame 7B99 |
0 406 B |
Script
text/javascript |
GET H2 |
pp.html
cdn.pbbl.co/i/ Frame DA01 |
0 0 |
Document
text/html |
GET H2 |
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ |
0 79 B |
Image
image/gif |
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame 1BED |
81 B 533 B |
XHR
image/png |
GET H/1.1 |
ls_fp.html;CIS3SID=99CD67172F89E6C3B89985E591887A07
content22.online.citi.com/fp/ Frame E70A |
0 0 |
Document
text/html |
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame 1BED |
0 387 B |
Script
text/javascript |
GET H/1.1 |
sid_fp.html;CIS3SID=99CD67172F89E6C3B89985E591887A07
h.online-metrix.net/fp/ Frame 87AD |
0 0 |
Document
text/html |
GET H/1.1 |
clear.png
h.online-metrix.net/fp/ Frame 1BED |
0 388 B |
Script
text/javascript |
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame 1BED |
0 387 B |
Script
text/javascript |
GET H/1.1 |
top_fp.html;CIS3SID=99CD67172F89E6C3B89985E591887A07
content22.online.citi.com/fp/ Frame 343F |
0 0 |
Document
text/html |
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame 1BED |
0 218 B |
Script
text/javascript |
GET H/1.1 |
clear.png
89oebq5k-6a5e090fd3f8d4785b1b465efc345e2e8fe0161f-am1.e.aa.online-metrix.net/fp/ Frame 1BED |
81 B 438 B |
Image
image/png |
GET H2 |
up
insight.adsrvr.org/track/ Frame 4A83 |
0 0 |
Document
text/html |
GET H2 |
adadvisor.gif
px0.pbbl.co/ Redirect Chain
|
42 B 131 B |
Image
image/gif |
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame 1BED |
0 387 B |
Script
text/javascript |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Citibank (Banking)
363 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
13 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the stored cookie values back, allowing the website to re-identify the user even from a different location. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.rfihub.com/ | | Name: ruds Value: H4sIAAAAAAAAAOMSNjS1MDI1MjKzNDI0NQeSZqYmQnyGurpVyRkZiam6qSUm5gDHGJhsJQAAAA |
.swiftapp.zenis.ca/ | | Name: cd_user_id Value: 17067c6d28b7f9-04537344d420ce-37647e03-1d4c00-17067c6d28cd4e |
swiftapp.zenis.ca/ | | Name: 7830 Value: error |
swiftapp.zenis.ca/ | | Name: kampyleUserSessionsCount Value: 1 |
swiftapp.zenis.ca/ | | Name: kampyle_userid Value: bf2f-d15b-0470-f0a8-68d9-fea8-e22c-81ba |
.zenis.ca/ | | Name: bmuid Value: 1582289047680-C4B56EF5-E5F8-493F-BD99-E102077BEE35 |
.zenis.ca/ | | Name: cdSNum Value: 1582289047846-sjn0000352-21a802bb-6014-4547-b175-23a079a88c5f |
swiftapp.zenis.ca/ | | Name: kampyleSessionPageCounter Value: 1 |
swiftapp.zenis.ca/ | | Name: 7018 Value: |
.rfihub.com/ | | Name: rud Value: H4sIAAAAAAAAAOMSNjS1MDI1MjKzNDI0NQeSZqYmQnyGurpVyRkZiam6qSUm5lK8IEVGFpYGJuaWBkYAKus2qDQAAAA |
.zenis.ca/ | | Name: cdContextId Value: 2 |
swiftapp.zenis.ca/ | | Name: PHPSESSID Value: 87167596a9f8f7335976e55023b50c19 |
swiftapp.zenis.ca/ | | Name: kampyleUserSession Value: 1582289048013 |
7 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.