www.citigroup.com
Open in
urlscan Pro
184.26.251.219
Public Scan
Effective URL: https://www.citigroup.com/citi/
Submission: On November 03 via manual from JP — Scanned from JP
Summary
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on November 2nd 2021. Valid for: a year.
This is the only time www.citigroup.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-26-251-219.deploy.static.akamaitechnologies.com
www.citigroup.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-32-50-49.nrt57.r.cloudfront.net
nexus.ensighten.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-68-9-188.ap-northeast-1.compute.amazonaws.com
dpm.demdex.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-13-114-210-89.ap-northeast-1.compute.amazonaws.com
citi.demdex.net |
ASN16509 (AMAZON-02, US)
metrics1.citi.com | |
citicorporate.d2.sc.omtrdc.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-241-151.ap-southeast-1.compute.amazonaws.com
cm.everesttech.net |
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com | |
www.linkedin.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-226-225-113.lax50.r.cloudfront.net
cdn.pbbl.co |
ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
sr.rlcdn.com |
ASN15169 (GOOGLE, US)
PTR: nrt13s52-in-f6.1e100.net
6165999.fls.doubleclick.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
35 |
citigroup.com
3 redirects
citigroup.com — Cisco Umbrella Rank: 38427 www.citigroup.com — Cisco Umbrella Rank: 68923 |
2 MB |
14 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 121 |
722 KB |
12 |
doubleclick.net
1 redirects
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 6165999.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 166 |
11 KB |
10 |
google.com
www.google.com — Cisco Umbrella Rank: 17 adservice.google.com — Cisco Umbrella Rank: 134 |
2 KB |
9 |
google.co.jp
www.google.co.jp — Cisco Umbrella Rank: 14101 |
1 KB |
8 |
ensighten.com
nexus.ensighten.com — Cisco Umbrella Rank: 3567 |
123 KB |
6 |
demdex.net
1 redirects
dpm.demdex.net — Cisco Umbrella Rank: 285 citi.demdex.net — Cisco Umbrella Rank: 66967 |
11 KB |
5 |
linkedin.com
5 redirects
px.ads.linkedin.com — Cisco Umbrella Rank: 815 www.linkedin.com — Cisco Umbrella Rank: 745 px4.ads.linkedin.com — Cisco Umbrella Rank: 7246 |
4 KB |
3 |
adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 467 |
50 KB |
2 |
adsymptotic.com
1 redirects
p.adsymptotic.com — Cisco Umbrella Rank: 926 |
465 B |
2 |
omtrdc.net
1 redirects
citicorporate.d2.sc.omtrdc.net — Cisco Umbrella Rank: 579918 |
1 KB |
2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180 |
34 KB |
2 |
licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1420 |
4 KB |
2 |
google-analytics.com
1 redirects
www.google-analytics.com — Cisco Umbrella Rank: 97 ssl.google-analytics.com — Cisco Umbrella Rank: 397 |
18 KB |
2 |
rfihub.com
20766699p.rfihub.com — Cisco Umbrella Rank: 62918 a.rfihub.com — Cisco Umbrella Rank: 4258 |
4 KB |
1 |
agkn.com
d.agkn.com — Cisco Umbrella Rank: 913 |
591 B |
1 |
rlcdn.com
sr.rlcdn.com — Cisco Umbrella Rank: 17462 |
645 B |
1 |
pbbl.co
cdn.pbbl.co — Cisco Umbrella Rank: 11216 |
|
1 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 107 |
185 B |
1 |
twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 864 |
395 B |
1 |
t.co
t.co — Cisco Umbrella Rank: 507 |
376 B |
1 |
ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 950 |
15 KB |
1 |
everesttech.net
1 redirects
cm.everesttech.net — Cisco Umbrella Rank: 1487 |
517 B |
1 |
citi.com
metrics1.citi.com — Cisco Umbrella Rank: 35002 |
625 B |
1 |
rfihub.net
c1.rfihub.net — Cisco Umbrella Rank: 6947 |
6 KB |
110 | 25 |
Domain | Requested by | |
---|---|---|
34 | www.citigroup.com |
2 redirects
www.citigroup.com
|
14 | www.googletagmanager.com |
nexus.ensighten.com
www.googletagmanager.com www.citigroup.com |
9 | www.google.co.jp | |
9 | www.google.com | |
9 | googleads.g.doubleclick.net |
www.googletagmanager.com
|
8 | nexus.ensighten.com |
www.citigroup.com
nexus.ensighten.com |
4 | dpm.demdex.net |
1 redirects
www.citigroup.com
nexus.ensighten.com |
3 | px.ads.linkedin.com | 3 redirects |
3 | assets.adobedtm.com |
www.citigroup.com
assets.adobedtm.com |
2 | 6165999.fls.doubleclick.net |
1 redirects
www.googletagmanager.com
|
2 | p.adsymptotic.com |
1 redirects
www.citigroup.com
|
2 | citicorporate.d2.sc.omtrdc.net |
1 redirects
www.citigroup.com
|
2 | connect.facebook.net |
www.citigroup.com
connect.facebook.net |
2 | snap.licdn.com |
www.citigroup.com
snap.licdn.com |
2 | citi.demdex.net |
nexus.ensighten.com
www.citigroup.com |
1 | adservice.google.com |
6165999.fls.doubleclick.net
|
1 | stats.g.doubleclick.net | |
1 | ssl.google-analytics.com | 1 redirects |
1 | d.agkn.com | |
1 | sr.rlcdn.com |
nexus.ensighten.com
|
1 | cdn.pbbl.co |
nexus.ensighten.com
|
1 | a.rfihub.com |
c1.rfihub.net
|
1 | www.facebook.com |
www.citigroup.com
|
1 | px4.ads.linkedin.com | 1 redirects |
1 | www.linkedin.com | 1 redirects |
1 | analytics.twitter.com |
www.citigroup.com
|
1 | t.co |
www.citigroup.com
|
1 | static.ads-twitter.com |
www.citigroup.com
|
1 | www.google-analytics.com |
www.citigroup.com
|
1 | 20766699p.rfihub.com |
c1.rfihub.net
|
1 | cm.everesttech.net | 1 redirects |
1 | metrics1.citi.com |
nexus.ensighten.com
|
1 | c1.rfihub.net |
nexus.ensighten.com
|
1 | citigroup.com | 1 redirects |
110 | 34 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.citi.com DigiCert SHA2 Extended Validation Server CA |
2021-11-02 - 2022-12-03 |
a year | crt.sh |
nexus.ensighten.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-10-07 - 2023-10-14 |
a year | crt.sh |
*.rfihub.net Amazon |
2021-12-29 - 2023-01-27 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-10-17 - 2023-01-09 |
3 months | crt.sh |
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-09-26 - 2023-10-27 |
a year | crt.sh |
metrics1.citi.com DigiCert EV RSA CA G2 |
2022-07-22 - 2023-08-22 |
a year | crt.sh |
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA |
2022-05-24 - 2023-05-24 |
a year | crt.sh |
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-07-19 - 2023-08-19 |
a year | crt.sh |
snap.licdn.com DigiCert SHA2 Secure Server CA |
2022-03-01 - 2023-03-01 |
a year | crt.sh |
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-07-22 - 2023-08-22 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2022-08-12 - 2022-11-10 |
3 months | crt.sh |
t.co DigiCert TLS RSA SHA256 2020 CA1 |
2022-01-24 - 2023-01-23 |
a year | crt.sh |
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-01-24 - 2023-01-23 |
a year | crt.sh |
*.pbbl.co Amazon |
2022-10-04 - 2023-11-02 |
a year | crt.sh |
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA |
2022-02-03 - 2023-02-25 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2022-09-26 - 2022-12-19 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2022-09-26 - 2022-12-19 |
3 months | crt.sh |
*.google.co.jp GTS CA 1C3 |
2022-09-26 - 2022-12-19 |
3 months | crt.sh |
*.google.com GTS CA 1C3 |
2022-09-26 - 2022-12-19 |
3 months | crt.sh |
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1 |
2022-09-06 - 2023-09-21 |
a year | crt.sh |
*.doubleclick.net GTS CA 1C3 |
2022-10-17 - 2023-01-09 |
3 months | crt.sh |
This page contains 7 frames:
Primary Page:
https://www.citigroup.com/citi/
Frame ID: 9E96ED024141839C8E3FD75262CE607F
Requests: 103 HTTP requests in this frame
Frame:
https://citi.demdex.net/dest5.html?d_nsid=0
Frame ID: C97FD5221B4BB275B36C7BEFD905B4A6
Requests: 1 HTTP requests in this frame
Frame:
https://20766699p.rfihub.com/ca.html?ver=9&ra=471&rb=648&ca=20766699&_o=17169175&_t=&_rev=1&_pcode=1&_orderid=1&ssv_cuuid=&ssv_package=null&ssv_prodlist=null&ssv_pagename=&pe=https%3A%2F%2Fwww.citigroup.com%2Fciti%2F&pf=&ra=05778412576383585
Frame ID: E617A1FBFD39DC2D0363D9C6F524DB09
Requests: 1 HTTP requests in this frame
Frame:
https://citi.demdex.net/dest5.html?d_nsid=0
Frame ID: 9D141A5A3C33E25C9FD7425C1B5ADC8D
Requests: 1 HTTP requests in this frame
Frame:
https://a.rfihub.com/pstats.html?rb=648&ca=20766699&ri=9a7d4dfe2280a763e39b72431ac5f248&stats=%7B%7D&ra=39446527771538364
Frame ID: 747E0A4DE7C39BC864D8538293D1B61E
Requests: 1 HTTP requests in this frame
Frame:
https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
Frame ID: 9AADB0E32F0534FA64F7783C4AF5BD5F
Requests: 1 HTTP requests in this frame
Frame:
https://6165999.fls.doubleclick.net/activityi;dc_pre=CNbX5v-AkvsCFbxeDwIdIHIItw;src=6165999;type=citigrp;cat=citigplp;ord=2740299165745;gtm=2odav0;auiddc=2074427694.1667478364;~oref=https%3A%2F%2Fwww.citigroup.com%2Fciti%2F
Frame ID: 07A9B58CE595CFF64B93FDFDC388A6C0
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
Global Investment Bank and Financial Services | CitiPage URL History Show full URLs
-
http://citigroup.com/
HTTP 301
https://www.citigroup.com/ HTTP 301
http://www.citigroup.com/citi/ HTTP 301
https://www.citigroup.com/citi/ Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
RequireJS (JavaScript Frameworks) Expand
Detected patterns
- require.*\.js
Ensighten (Tag Managers) Expand
Detected patterns
- //nexus\.ensighten\.com/
Facebook (Widgets) Expand
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
Linkedin Insight Tag (Analytics) Expand
Detected patterns
- snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
21 Outgoing links
These are links going to different origins than the main page.
Title: Blog
Search URL Search Domain Scan URL
Title: CitiBusiness
Search URL Search Domain Scan URL
Title: Citi Private Bank
Search URL Search Domain Scan URL
Title: Credit Cards
Search URL Search Domain Scan URL
Title: CitiMortgage
Search URL Search Domain Scan URL
Title: ThankYou® Rewards
Search URL Search Domain Scan URL
Title: Jobs
Search URL Search Domain Scan URL
Title: Alumni
Search URL Search Domain Scan URL
Title: Mortgage & Other ABS
Search URL Search Domain Scan URL
Title: Citi Private Bank
Search URL Search Domain Scan URL
Title: Learn more
Search URL Search Domain Scan URL
Title: Learn more
Search URL Search Domain Scan URL
Title: Learn more
Search URL Search Domain Scan URL
Title: See the post
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: CA Privacy Hub
Search URL Search Domain Scan URL
Title: Accessibility
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://citigroup.com/
HTTP 301
https://www.citigroup.com/ HTTP 301
http://www.citigroup.com/citi/ HTTP 301
https://www.citigroup.com/citi/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 3- https://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1667478363732 HTTP 302
- https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1667478363732
- https://cm.everesttech.net/cm/dd?d_uuid=12169225086213341323015858288398670342 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y2OzXAAAAG1NswN9
- https://citicorporate.d2.sc.omtrdc.net/b/ss/citiccitigroupcomprod/1/JS-2.20.0-LBWB/s65106945503370?AQB=1&ndh=1&pf=1&t=3%2F10%2F2022%2012%3A26%3A5%204%200&fid=1DCCAE0CB43F2F82-0D793026EAE0F38C&ce=UTF-8&pageName=Global%20Investment%20Bank%20and%20Financial%20Services%20%7C%20Citi&g=https%3A%2F%2Fwww.citigroup.com%2Fciti%2F&cc=USD&server=https%3A%2F%2Fwww.citigroup.com%2Fciti%2F&events=event35%2Cevent29&c2=7%3A26%20AM%7CThursday&v2=7%3A26%20AM%7CThursday&v3=https%3A%2F%2Fwww.citigroup.com%2Fciti%2F&c7=1&v7=1&c17=New%20Website&c44=homepage-211103500&v45=mozilla%2F5.0%20%28windows%20nt%2010.0%3B%20win64%3B%20x64%29%20applewebkit%2F537.36%20%28khtml%2C%20like%20gecko%29%20chrome%2F107.0.5304.87%20safari%2F537.36&c46=1DCCAE0CB43F2F82-0D793026EAE0F38C&c50=Citi%20Corporate%20s_code%20%7COmniture%20Base%20Code%20H26&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
- https://citicorporate.d2.sc.omtrdc.net/b/ss/citiccitigroupcomprod/1/JS-2.20.0-LBWB/s65106945503370?AQB=1&pccr=true&ndh=1&pf=1&t=3%2F10%2F2022%2012%3A26%3A5%204%200&fid=1DCCAE0CB43F2F82-0D793026EAE0F38C&ce=UTF-8&pageName=Global%20Investment%20Bank%20and%20Financial%20Services%20%7C%20Citi&g=https%3A%2F%2Fwww.citigroup.com%2Fciti%2F&cc=USD&server=https%3A%2F%2Fwww.citigroup.com%2Fciti%2F&events=event35%2Cevent29&c2=7%3A26%20AM%7CThursday&v2=7%3A26%20AM%7CThursday&v3=https%3A%2F%2Fwww.citigroup.com%2Fciti%2F&c7=1&v7=1&c17=New%20Website&c44=homepage-211103500&v45=mozilla%2F5.0%20%28windows%20nt%2010.0%3B%20win64%3B%20x64%29%20applewebkit%2F537.36%20%28khtml%2C%20like%20gecko%29%20chrome%2F107.0.5304.87%20safari%2F537.36&c46=1DCCAE0CB43F2F82-0D793026EAE0F38C&c50=Citi%20Corporate%20s_code%20%7COmniture%20Base%20Code%20H26&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1696&time=1667478366100&url=https%3A%2F%2Fwww.citigroup.com%2Fciti%2F HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1696&time=1667478366100&url=https%3A%2F%2Fwww.citigroup.com%2Fciti%2F&cookiesTest=true HTTP 302
- https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1696%26time%3D1667478366100%26url%3Dhttps%253A%252F%252Fwww.citigroup.com%252Fciti%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1696&time=1667478366100&url=https%3A%2F%2Fwww.citigroup.com%2Fciti%2F&cookiesTest=true&liSync=true HTTP 302
- https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1696&time=1667478366100&url=https%3A%2F%2Fwww.citigroup.com%2Fciti%2F&cookiesTest=true&liSync=true&e_ipv6=AQLQ8R_rxNsJfAAAAYQ9dKnVeh4EhpLW3hY56kTY9514EGPwOxXam7utwK29OrXRRwXcEg HTTP 302
- https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=00cfd279-aa03-486f-97c8-1f9a8db44dd0 HTTP 302
- https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=00cfd279-aa03-486f-97c8-1f9a8db44dd0&_expected_cookie=674f145f6cdd293e1cd86aee642d0110
- https://6165999.fls.doubleclick.net/activityi;src=6165999;type=citigrp;cat=citigplp;ord=2740299165745;gtm=2odav0;auiddc=2074427694.1667478364;~oref=https%3A%2F%2Fwww.citigroup.com%2Fciti%2F HTTP 302
- https://6165999.fls.doubleclick.net/activityi;dc_pre=CNbX5v-AkvsCFbxeDwIdIHIItw;src=6165999;type=citigrp;cat=citigplp;ord=2740299165745;gtm=2odav0;auiddc=2074427694.1667478364;~oref=https%3A%2F%2Fwww.citigroup.com%2Fciti%2F
- https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=74347669&utmhn=www.citigroup.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Global%20Investment%20Bank%20and%20Financial%20Services%20%7C%20Citi&utmhid=951941483&utmr=-&utmp=%2Fciti%2F&utmht=1667478370810&utmac=UA-39057239-1&utmcc=__utma%3D246675222.1642673834.1667478371.1667478371.1667478371.1%3B%2B__utmz%3D246675222.1667478371.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1987737675&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-39057239-1&cid=1642673834.1667478371&jid=1987737675&_v=5.7.2&z=74347669
110 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
www.citigroup.com/citi/ Redirect Chain
|
17 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
require.min.js
www.citigroup.com/citi/assets/js/lib/ |
17 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Bootstrap.js
nexus.ensighten.com/citi/na_prod/ |
100 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
brand.js
www.citigroup.com/citi/assets/js/ |
154 KB 39 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rd
dpm.demdex.net/id/ Redirect Chain
|
364 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
e.gif
nexus.ensighten.com/error/ |
0 251 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
serverComponent.php
nexus.ensighten.com/citi/na_prod/ |
1 KB 870 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
af3b21070dd01ab22a4f331056324374.js
nexus.ensighten.com/citi/na_prod/code/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
d74f82b561a6aa5d9247eaf72394131a.js
nexus.ensighten.com/citi/na_prod/code/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
725f52f47953fbdb124cea48c5c5316a.js
nexus.ensighten.com/citi/na_prod/code/ |
293 KB 74 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
51aba9f62787efbaa13e53a8d1ae3892.js
nexus.ensighten.com/citi/na_prod/code/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
66b3bdd1803d6a2f5d6abaa2ab137d76.js
nexus.ensighten.com/citi/na_prod/code/ |
97 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tc.min.js
c1.rfihub.net/js/ |
19 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
110 KB 44 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dest5.html
citi.demdex.net/ Frame C97F |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
id
metrics1.citi.com/ |
89 B 625 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=411&dpuuid=Y2OzXAAAAG1NswN9
dpm.demdex.net/ Redirect Chain
|
42 B 942 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ca.html
20766699p.rfihub.com/ Frame E617 |
3 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
110 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
110 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
110 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
dpm.demdex.net/ |
364 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
110 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.min.css
www.citigroup.com/citi/assets/dist/ |
230 KB 37 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
css.min.css
www.citigroup.com/citi/assets/css/ |
9 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fonts.css
www.citigroup.com/citi/assets/css/ |
2 KB 732 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
font-awesome.min.css
www.citigroup.com/citi/assets/font-awesome/css/ |
21 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.5.1.min.js
www.citigroup.com/citi/assets/js/lib/ |
87 KB 31 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mainNavs.txt
www.citigroup.com/citi/assets/data/ |
14 KB 15 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
text.js
www.citigroup.com/citi/assets/js/lib/ |
8 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
json.js
www.citigroup.com/citi/assets/js/lib/ |
539 B 807 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vendors.min.js
www.citigroup.com/citi/assets/dist/ |
174 KB 53 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
templates.js
www.citigroup.com/citi/assets/js/lib/ |
36 KB 8 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dest5.html
citi.demdex.net/ Frame 9D14 |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
satelliteLib-47d65ee169ea726831f89ef156b12527e4641832.js
assets.adobedtm.com/4b54b73a24aa292b5bd7fd74600e3e736888c895/ |
153 KB 36 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga.js
www.google-analytics.com/ |
45 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
citi-logo-no-r.png
www.citigroup.com/citi/assets/img/brand/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
citi-logo-no-r-blue.png
www.citigroup.com/citi/assets/img/brand/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
citi-logo.png
www.citigroup.com/citi/assets/img/brand/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
doc-dwnld-investor.png
www.citigroup.com/citi/assets/img/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
doc-dwnld-media.png
www.citigroup.com/citi/assets/img/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
doc-dwnld-annual.png
www.citigroup.com/citi/assets/img/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AppMeasurement.min.js
assets.adobedtm.com/extensions/EP7b1fa4581fb94dd0961a981af9997765/ |
33 KB 12 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EP7b1fa4581fb94dd0961a981af9997765/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
insight.min.js
snap.licdn.com/li.lms-analytics/ |
997 B 690 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uwt.js
static.ads-twitter.com/ |
56 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
103 KB 28 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s65106945503370
citicorporate.d2.sc.omtrdc.net/b/ss/citiccitigroupcomprod/1/JS-2.20.0-LBWB/ Redirect Chain
|
43 B 298 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
insight.old.min.js
snap.licdn.com/li.lms-analytics/ |
8 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
t.co/i/ |
43 B 376 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
analytics.twitter.com/i/ |
43 B 395 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
1651979795045043
connect.facebook.net/signals/config/ |
25 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
p.adsymptotic.com/d/px/ Redirect Chain
|
43 B 141 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 185 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
citi-blue-bar.jpg
www.citigroup.com/citi/assets/img/brand/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hero-home-3q22.jpg
www.citigroup.com/citi/assets/img/ |
976 KB 976 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jane_fraser030122.jpg
www.citigroup.com/citi/assets/img/ |
48 KB 48 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
2020-717D-Racial-Equity-1500x1020-v3.png
www.citigroup.com/citi/assets/img/ |
582 KB 582 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
211028SocialFinance290.jpg
www.citigroup.com/citi/assets/img/ |
27 KB 27 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
221017netzero2050.jpg
www.citigroup.com/citi/assets/img/ |
55 KB 55 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
external-citizenship-icon.png
www.citigroup.com/citi/assets/img/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
external-citi-for-cities-icon.png
www.citigroup.com/citi/assets/img/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
external-careers-icon.png
www.citigroup.com/citi/assets/img/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Interstate-Bold.woff
www.citigroup.com/citi/assets/fonts/citi/ |
70 KB 70 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Interstate-Light.woff
www.citigroup.com/citi/assets/fonts/citi/ |
74 KB 74 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fontawesome-webfont.woff
www.citigroup.com/citi/assets/font-awesome/fonts/ |
64 KB 64 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
d93d9274dd628a112aadb4306542ef89.woff2
www.citigroup.com/citi/assets/fonts/ |
13 KB 13 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pstats.html
a.rfihub.com/ Frame 747E |
26 B 572 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1560.js
cdn.pbbl.co/r/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
178 KB 65 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
425466.html
sr.rlcdn.com/ Frame 9AAD |
237 B 645 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/916451471/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
178 KB 65 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
134 KB 52 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
134 KB 52 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
134 KB 52 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
134 KB 52 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
134 KB 52 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
134 KB 52 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
178 KB 65 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/644574043/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/975701947/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/819500023/ |
2 KB 1009 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/959299794/ |
2 KB 1012 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/695231162/ |
2 KB 1013 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10955006959/ |
2 KB 1014 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/960621875/ |
2 KB 1011 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/916451471/ |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.co.jp/pagead/1p-user-list/916451471/ |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/644574043/ |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.co.jp/pagead/1p-user-list/644574043/ |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/830907969/ |
2 KB 1013 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/975701947/ |
42 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.co.jp/pagead/1p-user-list/975701947/ |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/695231162/ |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.co.jp/pagead/1p-user-list/695231162/ |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/959299794/ |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.co.jp/pagead/1p-user-list/959299794/ |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/819500023/ |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.google.co.jp/pagead/1p-user-list/819500023/ |
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.google.com/pagead/1p-user-list/10955006959/ |
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.google.co.jp/pagead/1p-user-list/10955006959/ |
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/830907969/ |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.co.jp/pagead/1p-user-list/830907969/ |
42 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.google.com/pagead/1p-user-list/960621875/ |
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.google.co.jp/pagead/1p-user-list/960621875/ |
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
d.agkn.com/pixel/9340/ |
43 B 591 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
activityi;dc_pre=CNbX5v-AkvsCFbxeDwIdIHIItw;src=6165999;type=citigrp;cat=citigplp;ord=2740299165745;gtm=2odav0;auiddc=2074427694.1667478364;~oref=https%3A%2F%2Fwww.citigroup.com%2Fciti%2F
6165999.fls.doubleclick.net/ Frame 07A9 Redirect Chain
|
403 B 351 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
stats.g.doubleclick.net/r/ Redirect Chain
|
35 B 430 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dc_pre=CNbX5v-AkvsCFbxeDwIdIHIItw;src=6165999;type=citigrp;cat=citigplp;ord=2740299165745;gtm=2odav0;auiddc=*;~oref=https%3A%2F%2Fwww.citigroup.com%2Fciti%2F
adservice.google.com/ddm/fls/z/ Frame 07A9 |
42 B 494 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
143 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| requirejs function| require function| define object| ensBootstraps object| Bootstrapper function| Visitor object| s_c_il number| s_c_in object| adobe_visitor function| _rfi object| citiData object| dataLayer function| gtag function| AppMeasurement_Module_ActivityMap function| AppMeasurement number| s_objectID number| s_giq string| rsidAry object| s_tms object| val function| extend function| RocketfuelBCPInclude function| RocketfuelBCPClass function| RocketfuelUtils object| RocketfuelBCP object| google_tag_manager object| google_tag_data object| _gaq function| addAnnotation function| loadCSS function| toggleNavItem function| pageNavItem function| doneResizing function| footerNavToggle function| pageNavToggle function| viewport function| smoothScrolling function| mobileNavReset function| loadJS function| loadRequireJs function| getUrlParameter function| loadTracking function| firedTracking function| renderSocialMediaPageSocialNetworks function| renderVerticalSocialNetworks function| getCurrentNodes function| renderSubNav function| renderTertiaryNav function| initSubNav function| getIndicesOf function| UrlExists function| getExternal function| renderTray function| getMobileSections function| renderMobileSections function| getSection function| renderSections function| renderWheel function| parseEvents function| updateWheel function| scrollToSection string| base_dir string| noCache object| requireJSPath object| requireJSArgs object| requireShim boolean| blogUAT boolean| blogPod boolean| newsAlert boolean| newsAlertUAT string| ext_site string| usenav string| dtmenv object| navHdr string| curlang string| setlangdir string| setsubnavlang function| findVariable boolean| appView string| cssext function| isMobileDevice string| serverPath string| searchUrl object| mainNavs function| $ function| jQuery object| checkLocation string| usecache boolean| careersSite function| initSite string| headerHtml string| footerHtml string| downloadsHtml string| extLinksHtml boolean| activeState string| _f boolean| _jfp string| _u string| _site string| _pgi boolean| isCitibank function| Waypoint function| _ function| sweep string| waypointContextKey object| date object| links number| sw string| getHref undefined| newHref object| _gat object| _satellite boolean| __satelliteLoaded string| _linkedin_data_partner_id function| twq function| getMetrics function| fbq function| _fbq function| s_gi function| s_pgicq object| s_i_citiccitigroupcomprod object| regeneratorRuntime object| twttr function| lintrk boolean| _already_called_lintrk object| _pp function| _trackAnalytics object| GooglebQhCsO number| ms object| gaGlobal41 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.demdex.net/ | Name: demdex Value: 12169225086213341323015858288398670342 |
|
.citigroup.com/ | Name: AMCVS_61834D9B5228A7430A490D45%40AdobeOrg Value: 1 |
|
www.citigroup.com/ | Name: 7830 Value: error |
|
www.citigroup.com/ | Name: 7018 Value: |
|
www.citigroup.com/ | Name: 64072 Value: |
|
.citigroup.com/ | Name: _gcl_au Value: 1.1.2074427694.1667478364 |
|
.citi.com/ | Name: s_vi Value: [CS]v1|31B1D9AE20D179AF-4000185DA7648FC1[CE] |
|
.citi.com/ | Name: s_ecid Value: MCMID%7C18197298632484126312340148991090598821 |
|
.everesttech.net/ | Name: everest_g_v2 Value: g_surferid~Y2OzXAAAAG1NswN9 |
|
.dpm.demdex.net/ | Name: dpm Value: 12169225086213341323015858288398670342 |
|
.citigroup.com/ | Name: AMCV_61834D9B5228A7430A490D45%40AdobeOrg Value: -330454231%7CMCIDTS%7C19300%7CMCMID%7C18197298632484126312340148991090598821%7CMCAAMLH-1668083164%7C11%7CMCAAMB-1668083164%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1667485563s%7CNONE%7CMCAID%7C31B1D9AE20D179AF-4000185DA7648FC1%7CMCSYNCSOP%7C411-19307%7CvVersion%7C3.1.2 |
|
.rfihub.com/ | Name: ruds Value: H4sIAAAAAAAA_-MSNjIwtDAyMbU0M7I0MjQxtjQ3tBDiM9Q1cMxITS8NCvS3KPQAAEO6__olAAAA |
|
.rfihub.com/ | Name: rud Value: H4sIAAAAAAAA_-MSNjIwtDAyMbU0M7I0MjQxtjQ3tBDiM9Q1cMxITS8NCvS3KPQAAEO6__olAAAA |
|
.citigroup.com/ | Name: s_fid Value: 1DCCAE0CB43F2F82-0D793026EAE0F38C |
|
.citigroup.com/ | Name: s_vnum Value: 1670070365991%26vn%3D1 |
|
.citigroup.com/ | Name: s_invisit Value: true |
|
.citigroup.com/ | Name: gpv_p6 Value: Global%20Investment%20Bank%20and%20Financial%20Services%20%7C%20Citi |
|
.citigroup.com/ | Name: s_cc Value: true |
|
.omtrdc.net/ | Name: s_vi_vx7Cax7Cvvx7Cax7Crgzx60evzxxegzq Value: [CS]v4|31B1D9AF7FA99D02-4000093E87640CE9|6363B35E[CE] |
|
.citigroup.com/ | Name: _fbp Value: fb.1.1667478366114.63901428 |
|
.linkedin.com/ | Name: li_sugr Value: 00cfd279-aa03-486f-97c8-1f9a8db44dd0 |
|
.ads.linkedin.com/ | Name: lang Value: v=2&lang=en-us |
|
.linkedin.com/ | Name: bcookie Value: "v=2&8c5b86fb-4132-4eb8-8b0b-419049405b58" |
|
.linkedin.com/ | Name: lidc Value: "b=TGST05:s=T:r=T:a=T:p=T:g=2658:u=1:x=1:i=1667478366:t=1667564766:v=2:sig=AQEBdUTjB7MaggpS_jOMNEdor0lPb3NK" |
|
.linkedin.com/ | Name: UserMatchHistory Value: AQJsUVHDWCX12QAAAYQ9dKiOI4MImLshEsmXv0A1vn0WzCxHQokYc-bUvI612-4FDwwgyAnM8Bzhug |
|
.linkedin.com/ | Name: AnalyticsSyncHistory Value: AQJe886AR9n6HQAAAYQ9dKiONdQW0KOLJelthKqq6k6o3gX9e5mTUbg_C6sHMWzDLRrAOEEj5F_X62nv_7F67Q |
|
.t.co/ | Name: muc_ads Value: 6009e0da-a73a-4cde-9a71-cee938e25efe |
|
.twitter.com/ | Name: personalization_id Value: "v1_1IWQL8PgNUAEvsmFWvAANg==" |
|
.linkedin.com/ | Name: lang Value: v=2&lang=en-us |
|
.www.linkedin.com/ | Name: bscookie Value: "v=1&20221103122606df469f69-c2f0-4f87-80f1-02615dcfad5cAQHcLIIa77cnWLHMAm9QY_qQRXnQkqse" |
|
.adsymptotic.com/ | Name: U Value: 674f145f6cdd293e1cd86aee642d0110 |
|
.rlcdn.com/ | Name: rlas3 Value: agtwpm6bH48nv8+Ru83r3ZHgZU0gkrsKfUrNTx6g8Jw= |
|
.rlcdn.com/ | Name: pxrc Value: CAA= |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUlcG3w2-_xx_3WV7P323mtoy_AzzbeYnwVHzZEd4__NtgpZgIAq5alvIPhK |
|
.citigroup.com/ | Name: __utma Value: 246675222.1642673834.1667478371.1667478371.1667478371.1 |
|
.citigroup.com/ | Name: __utmc Value: 246675222 |
|
.citigroup.com/ | Name: __utmz Value: 246675222.1667478371.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none) |
|
.citigroup.com/ | Name: __utmt Value: 1 |
|
.citigroup.com/ | Name: __utmb Value: 246675222.1.10.1667478371 |
|
.agkn.com/ | Name: ab Value: 0001%3A8fLKfeEgeW7RxhnCvYRV%2FfvtPPZ8ezrQ |
|
.agkn.com/ | Name: u Value: C|0CAAq9m_iKvZv4gAAAAAAAUC7AAAAAA |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
20766699p.rfihub.com
6165999.fls.doubleclick.net
a.rfihub.com
adservice.google.com
analytics.twitter.com
assets.adobedtm.com
c1.rfihub.net
cdn.pbbl.co
citi.demdex.net
citicorporate.d2.sc.omtrdc.net
citigroup.com
cm.everesttech.net
connect.facebook.net
d.agkn.com
dpm.demdex.net
googleads.g.doubleclick.net
metrics1.citi.com
nexus.ensighten.com
p.adsymptotic.com
px.ads.linkedin.com
px4.ads.linkedin.com
snap.licdn.com
sr.rlcdn.com
ssl.google-analytics.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
www.citigroup.com
www.facebook.com
www.google-analytics.com
www.google.co.jp
www.google.com
www.googletagmanager.com
www.linkedin.com
104.18.101.194
104.244.42.197
104.244.42.3
13.107.42.14
13.114.210.89
13.226.225.113
13.32.50.49
142.250.199.102
151.101.108.157
18.136.241.151
184.26.251.219
192.193.102.175
198.8.71.131
2404:6800:4004:801::2008
2404:6800:4004:80b::2002
2404:6800:4004:81e::2002
2404:6800:4004:820::2004
2404:6800:4004:820::200e
2404:6800:4004:822::2003
2404:6800:4004:827::2008
2404:6800:4008:c13::9d
2600:140b:1a00:14::17dc:5487
2600:140b:1a00:189::1e80
2600:9000:2142:800:19:fc2c:a140:93a1
2600:9000:21c5:c00:1:76cf:fe80:93a1
2620:1ec:21::14
2a03:2880:f00f:8:face:b00c:0:1
2a03:2880:f10f:83:face:b00c:0:25de
35.190.60.146
52.68.9.188
63.140.50.18
00b1508d0c81d79add790badad138a977c660203190cddca4a60fcd9d3bfc280
04da867cab3220f99bb1b60354bd347deb649ef5dde56e923552675bb927be57
0c5501be4076f83d680144fb5bafd0ba3a17230cab93e680dbfc3892f52286d9
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
1243ffed4530d6d237dd040101bf2933687f6e9272b10132060115058f914206
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
1afe22067b7bf3fa742e743c1830562a6c68a0da2c830cc0e7ef5b17e7d2863e
269a3a83a14f36dec8bc295749bf1c014306dc6703637760522822d7e78f3909
270c8dbcbdc916b70e41dde2d30304058fcc8ee0e50dffbdb412328090d796d5
310e665bf02470f1c3464ddd81fc9331a3491ed209c167ddc9d7c59672586191
328d4fc2fc50d4821af43b1d6822a2e8ca134fce1d89ecf4cca9b5f8a23433b8
337e5cb7f78903f54616862074b97197b943dff46338d9ada0b22c545e0eb646
34d5ae7ddfa17a0b1e0b24d83c666197ab2c0d2530ff27c697b205378c011352
396f4df3688fe70e18f7c58e551ad48eaa27d1eadeb3b969652151d09f91608b
3d41508df2f9328ea95c0858422ecb33c1d3348c932ccd875ace99e06fab01bb
3ebc943c7020253927833493b8e4b4dce4aa57ea44cefc88faa1da4d6e7dbd27
3f31094d6352111e95a3a50f1c5848c60f1ddcf07f0c65fa67a248581d81c9da
3f8729c13b9594789986b66619150b26db4e139bd7514afa893e837abeb7cd60
4019e37311591722e63bac969ec28274bc10a37981182ef1affc25b13b903d5e
40b7693fbb5e95687a4a7604b92a670059c5fca727737107e15b0ad1be379262
466df4b243b3dd4ca1c728e9013d5596620846e689d238a96f3f9552253b2ded
46913fed0b65d3b90f014847a365c03288c0e9f8bbb1c1ef9f41e7001c3331a1
47b27bd8c4abc9012f01d108ba6aad324f2c737ff737700415b824fa95ffffc8
48bdfede56827f10708d3235c50b694fca31dca0797bc1308cc5a4d7fb94fcd5
4a1e5fed8828e5a3decdd96d1187f8cc50cde60f3a4e495529f2f7cc480ba338
500878f741d28e6bc8ee6d54f23c92b6722dce63abdfc4c4588a9303c17cb5dd
535e2d816abdd121c0a3b299aa000a349ab5d16953aa40e765cf8741435cab55
586867c6df8d6a41d10da0d336138a049dd3596e343e4d76b7368c7f72b95f64
5d5c47f5fb203a49f1be00f6c8cc97ba64d2a8d27254c130a66f6ffa25be42cf
5f191f89581e20d4a95beab49edbeb36a58f5f50f409c3bcc1f865e274690001
6423640c1edc46aeb4ac38cc2878c7962b45b43e6b86ab488a9abb679dd934a3
6e7fbd23f36d3f0edd57fc7d2067f61510ba27c7b94f3d269322f2b2dda2a229
6f76d1ba0b00be93e8e190e2384c8b4a5719d8e34ca3f5392c5234cca0189746
6fad26e8cafb0e5ebf03ec9660ebfd6037c17207e21f9e2e1891f113ba5eaad5
762622e677c063032dfb0cecbec580afff74c0b02443f6b6fbef5aa4951faedd
78e14ede7a09713deeadf6ab2d6b1f882ba5a2d67800f952f7d1b67733f406b5
78f045666b2dda622d540da881f989db0f9a4678d3a740ac5de7dab39ee707d6
79f7b46d7580ac61d0a54266160b9a2c3d5e475614bc0baca7d384370ddfc944
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7e35584698533f152f929f0852e1f462fbe3b64ba59e958f1baff6a788c97186
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
80a12452abed8ca2d44563495d9cdd1e6047c11a6bd506213d79e6070ee0ac62
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
876666094893f4c6ed9aa6e088c3127d91132ff4642af7e7f2c5591e745cadf1
87a6296fd9118b2b4512a681739d14518eec4d63051ca194c8d7cdab456e7df2
89e35d9f1aaeaea793498a4ec066d937e4e8ea8788cedf0ae44c4ef250bfd9e2
944ed76efa1ddd52c78a6140567a9374f83d7885361af3c871344e2b35a36215
98946037a60fc1b24fe8e343f8a7ae240a50418c0be0b913520f2b52af6c4a05
9c29ecf24394df8911a1d0e7fb5e5417ec8e602a8ff4e1e9de12ce1ae0998d7a
9cc56307a599f98aca4e3fedeba9b46a424244e8257a64f0e9700f7d90cf2834
a045ac35605ce956508c8f9d8fd92bdfa00ecbf3ed8ef620672c610a02796303
a0a1a820464e4169c3fd014a363b2a6232800c542f36e1177e27c4f6524ba5a0
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a58314d9bcc914e9de1c9197b8730bc1e8caf388ffaa53659efe0449045aeba7
a96e2a154ebb6d0854e36878a28a90d3da94ff13b302c79aaf2b27091cba9dcb
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad3c72072ae879fec6350b6b23df036b70edacc31138cb2dc34de02f0689d14e
affac4ffd9be44ea1e9783d5824557091abfdac292a8b677009f15adf5f6a339
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b58c649346ff9548feb7127b90e4734f6427c1030aa2e99e4c8381041660aa94
b930239265eec8871822d11d75bf8524bea98342ce1278306b4d65c70e87876c
b99b8e0027866e880575bc4899aec07c054ebaa3a487c13f7b60165c875ffb84
bbe90dd56307a0c7e3ce8721a1e8e957639d8bcc3f8879aa40e29555fb67f7ff
bbfca0a1b4b8df35c0a0ab9a6325eca549e9b7e5774fd4eb10eba866411c7322
bf8892a953595eb96b9ca68c5756849d404115dcf2ee9bf87e8b4e7b3cf8e650
c92295bd1bd22a2460a97272741c3ef8753884a1a370ad862753cc16e6d94e85
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d08b0e82e4be24856001e584cef52bd6dc7461ca0e4c05963b52e4f58dd4449b
d0b56fd9e741fb88da14b2ceeb013c3f2f14a37b8ad1e9ff45918a1703ffe286
d2667aa38599ee0de5244f5ea6aa603484f9cbaf6fea5bfe67d9d15cc7daa731
d2751a84e6a70913798dd8b2aede47ab49b7a701618cd151d89755638f71aa02
d6fee48ef76b8276bc01f10e361b04e29c87129d4b87515f3720287ef2b4c7ee
e1c32bb00a06e27832a30410b5267c242e1543da9878bdc6a91e8e8c7c28155f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b7faebc9c83d40bb8c017a5242ed65e110054245f928a36e410c1d716a4b54
e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f24c38d60a4c4316eb031c28f116e338b148e1d1c8f65be0f1012f5b2b6d672e
f2de3a0cc7352e19f290e03a0debe1ff77a77ece48f0fdb0f95a185bd376792d
f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296
f3d1b005dccb3af31e0e8f39e6aef2828ee40e2ddfdcd2907899a4dcf02f7be3
f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143