online.citi.com
Open in
urlscan Pro
104.109.92.187
Public Scan
Submitted URL: http://thankyou.citi.com/T/v500000174d9f614ad97b26af4bbe5cfc0/3bf2bdb046d54a330000021ef3a0bcc3/3bf2bdb0-46d5-4a33-94ae-df...
Effective URL: https://online.citi.com/US/JSO/signon/DisplayUsernameSignon.do?userType=tyLogin&locale=en_US&TYNewUser=false&TYForgotUUI...
Submission Tags: phishing malicious Search All
Submission: On September 29 via api from US
Effective URL: https://online.citi.com/US/JSO/signon/DisplayUsernameSignon.do?userType=tyLogin&locale=en_US&TYNewUser=false&TYForgotUUI...
Submission Tags: phishing malicious Search All
Submission: On September 29 via api from US
Summary
This website contacted 28 IPs
in 7 countries
across 19 domains to perform 124 HTTP transactions.
The main IP is 104.109.92.187, located in
Netherlands and
belongs to AKAMAI-ASN1, EU.
The main domain is online.citi.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on March 13th 2020. Valid for: 2 years.
This is the only time online.citi.com was scanned on urlscan.io!
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on March 13th 2020. Valid for: 2 years.
This is the only time online.citi.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
31
104.109.92.187
(Netherlands)
ASN20940 (AKAMAI-ASN1, EU)
PTR: a104-109-92-187.deploy.static.akamaitechnologies.com
ASN20940 (AKAMAI-ASN1, EU)
PTR: a104-109-92-187.deploy.static.akamaitechnologies.com
| online.citi.com |
9
18.195.42.228
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
| nexus.ensighten.com |
3
34.249.46.6
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-46-6.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-46-6.eu-west-1.compute.amazonaws.com
| dpm.demdex.net |
4
99.86.243.18
(Seattle, United States)
ASN16509 (AMAZON-02, US)
PTR: server-99-86-243-18.vie50.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-99-86-243-18.vie50.r.cloudfront.net
| gateway.foresee.com |
1
54.154.62.31
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-62-31.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-62-31.eu-west-1.compute.amazonaws.com
| citi.demdex.net |
3
15.236.9.100
(Paris, France)
ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-9-100.eu-west-3.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-9-100.eu-west-3.compute.amazonaws.com
| metrics1.citi.com |
1
2a00:1450:4001:81a::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
1
104.108.63.235
(Netherlands)
ASN16625 (AKAMAI-AS, US)
PTR: a104-108-63-235.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a104-108-63-235.deploy.static.akamaitechnologies.com
| tags.bkrtx.com |
1
104.103.78.138
(Netherlands)
ASN16625 (AKAMAI-AS, US)
PTR: a104-103-78-138.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a104-103-78-138.deploy.static.akamaitechnologies.com
| c1.rfihub.net |
2
2a00:1450:4001:809::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
2
2a03:6400:10:0:178:249:97:99
(United Kingdom)
ASN11054 (LIVEPERSON, US)
ASN11054 (LIVEPERSON, US)
| lp-01.chat.online.citi.com |
1
13.225.73.20
(Seattle, United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-20.fra2.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-20.fra2.r.cloudfront.net
| static-assets.fs.liveperson.com |
1
52.141.218.213
(Des Moines, United States)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| contents3.00110.citi.com |
1
35.244.245.222
(Mountain View, United States)
ASN15169 (GOOGLE, US)
PTR: 222.245.244.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 222.245.244.35.bc.googleusercontent.com
| sr.rlcdn.com |
2
143.204.94.11
(Seattle, United States)
ASN16509 (AMAZON-02, US)
PTR: server-143-204-94-11.fra50.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-143-204-94-11.fra50.r.cloudfront.net
| cdn.pbbl.co |
1
184.30.210.81
(Netherlands)
ASN20940 (AKAMAI-ASN1, EU)
PTR: a184-30-210-81.deploy.static.akamaitechnologies.com
ASN20940 (AKAMAI-ASN1, EU)
PTR: a184-30-210-81.deploy.static.akamaitechnologies.com
| stags.bluekai.com |
1
2a03:6400:10:0:178:249:97:98
(United Kingdom)
ASN11054 (LIVEPERSON, US)
ASN11054 (LIVEPERSON, US)
| lpcdn.chat.online.citi.com |
2
91.235.134.131
(Netherlands)
ASN30286 (THM, US)
ASN30286 (THM, US)
| 89oebq5kxcr3y72iozsn5deq4lvf2s6natzr77jyb40b017a1adcd64dam1.e.aa.online-metrix.net | |
| 89oebq5kozitf5zyuxbugh4stmsdoa5wlb4pa4ap22322e055d970a9bam1.e.aa.online-metrix.net |
1
52.28.175.104
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-175-104.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-175-104.eu-central-1.compute.amazonaws.com
| aa.agkn.com |
1
35.241.45.82
(Ascension Island)
ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com
| udc-neb.kampyle.com |
13
208.89.12.87
(United States)
ASN11054 (LIVEPERSON, US)
PTR: va.v.liveperson.net
ASN11054 (LIVEPERSON, US)
PTR: va.v.liveperson.net
| lp-03.chat.online.citi.com |
| Domain | Requested by | |
|---|---|---|
| 31 | online.citi.com |
online.citi.com
|
| 28 | content22.online.citi.com |
online.citi.com
content22.online.citi.com |
| 13 | lp-03.chat.online.citi.com |
lptag.liveperson.net
|
| 9 | nexus.ensighten.com |
online.citi.com
nexus.ensighten.com |
| 7 | lptag.liveperson.net |
online.citi.com
|
| 4 | gateway.foresee.com |
online.citi.com
gateway.foresee.com |
| 3 | resources.digital-cloud-citi.medallia.com |
nexus.ensighten.com
resources.digital-cloud-citi.medallia.com |
| 3 | www.googletagmanager.com |
nexus.ensighten.com
www.googletagmanager.com |
| 3 | metrics1.citi.com |
1 redirects
online.citi.com
|
| 3 | dpm.demdex.net |
1 redirects
online.citi.com
|
| 2 | px0.pbbl.co | 1 redirects |
| 2 | h.online-metrix.net |
content22.online.citi.com
|
| 2 | cdn.pbbl.co |
nexus.ensighten.com
cdn.pbbl.co |
| 2 | lp-01.chat.online.citi.com |
lptag.liveperson.net
|
| 2 | thankyou.citi.com | 2 redirects |
| 1 | udc-neb.kampyle.com | |
| 1 | 89oebq5kozitf5zyuxbugh4stmsdoa5wlb4pa4ap22322e055d970a9bam1.e.aa.online-metrix.net | |
| 1 | aa.agkn.com | 1 redirects |
| 1 | nebula-cdn.kampyle.com |
resources.digital-cloud-citi.medallia.com
|
| 1 | 89oebq5kxcr3y72iozsn5deq4lvf2s6natzr77jyb40b017a1adcd64dam1.e.aa.online-metrix.net | |
| 1 | lpcdn.chat.online.citi.com |
lptag.liveperson.net
|
| 1 | stags.bluekai.com |
tags.bkrtx.com
|
| 1 | sr.rlcdn.com |
nexus.ensighten.com
|
| 1 | contents3.00110.citi.com |
online.citi.com
|
| 1 | 20766699p.rfihub.com |
c1.rfihub.net
|
| 1 | static-assets.fs.liveperson.com |
lptag.liveperson.net
|
| 1 | a.rfihub.com |
c1.rfihub.net
|
| 1 | c1.rfihub.net |
nexus.ensighten.com
|
| 1 | tags.bkrtx.com |
nexus.ensighten.com
|
| 1 | cm.everesttech.net | 1 redirects |
| 1 | citi.demdex.net |
nexus.ensighten.com
|
| 1 | www.thankyou.com | 1 redirects |
| 124 | 32 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.thankyou.com |
| citiretailservices.citibankonline.com |
| www.facebook.com |
| www.twitter.com |
| www.youtube.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| online.citibank.com DigiCert SHA2 Extended Validation Server CA |
2020-03-13 - 2022-05-14 |
2 years | crt.sh |
| nexus.ensighten.com DigiCert SHA2 Secure Server CA |
2020-09-09 - 2021-10-11 |
a year | crt.sh |
| *.demdex.net DigiCert SHA2 High Assurance Server CA |
2018-01-09 - 2021-02-12 |
3 years | crt.sh |
| content22.online.citi.com DigiCert SHA2 Extended Validation Server CA |
2020-07-14 - 2022-08-06 |
2 years | crt.sh |
| foresee.com Amazon |
2020-07-25 - 2021-08-25 |
a year | crt.sh |
| *.liveperson.net COMODO RSA Organization Validation Secure Server CA |
2017-12-17 - 2020-12-16 |
3 years | crt.sh |
| metrics1.citi.com DigiCert SHA2 Extended Validation Server CA |
2020-07-02 - 2022-08-30 |
2 years | crt.sh |
| *.google-analytics.com GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
| *.bkrtx.com DigiCert SHA2 Secure Server CA |
2020-02-28 - 2021-05-29 |
a year | crt.sh |
| *.rfihub.net DigiCert SHA2 Secure Server CA |
2020-04-01 - 2021-07-01 |
a year | crt.sh |
| *.rfihub.com Sectigo RSA Domain Validation Secure Server CA |
2020-06-18 - 2022-06-18 |
2 years | crt.sh |
| chat.online.citi.com DigiCert SHA2 Extended Validation Server CA |
2019-11-01 - 2022-01-25 |
2 years | crt.sh |
| fs.liveperson.com Amazon |
2020-08-23 - 2021-09-23 |
a year | crt.sh |
| contents1.00110.citi.com DigiCert SHA2 Extended Validation Server CA |
2020-08-10 - 2022-08-10 |
2 years | crt.sh |
| *.rlcdn.com Sectigo RSA Domain Validation Secure Server CA |
2020-04-14 - 2021-04-23 |
a year | crt.sh |
| *.digital-cloud-citi.medallia.com SSL.com DV CA |
2018-11-13 - 2020-11-12 |
2 years | crt.sh |
| *.pbbl.co Amazon |
2020-01-01 - 2021-02-01 |
a year | crt.sh |
| odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1 |
2020-04-14 - 2021-04-10 |
a year | crt.sh |
| h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1 |
2020-02-20 - 2021-02-19 |
a year | crt.sh |
| *.e.aa.online-metrix.net Go Daddy Secure Certificate Authority - G2 |
2019-09-13 - 2021-09-13 |
2 years | crt.sh |
| j.ssl.fastly.net GlobalSign Organization Validation CA - SHA256 - G2 |
2020-08-24 - 2022-08-21 |
2 years | crt.sh |
| px0.pbbl.co GTS CA 1D2 |
2020-08-29 - 2020-11-27 |
3 months | crt.sh |
| *.kampyle.com RapidSSL RSA CA 2018 |
2020-02-11 - 2022-03-06 |
2 years | crt.sh |
This page contains 15 frames:
Primary Page:
https://online.citi.com/US/JSO/signon/DisplayUsernameSignon.do?userType=tyLogin&locale=en_US&TYNewUser=false&TYForgotUUID=false&TYMigration=&SAMLPostURL=https://www.thankyou.com//gateway2.htm&ErrorCode=&TYPostURL=https://www.thankyou.com//tyLoginGateway.htm&cmp=EMC-CRG0780012.01
Frame ID: CCF4527070453CCBAF42E53E92E219B8
Requests: 89 HTTP requests in this frame
Frame:
https://citi.demdex.net/dest5.html?d_nsid=0
Frame ID: 136BC26479AA606826492E5CD688FC65
Requests: 1 HTTP requests in this frame
Frame:
https://20766699p.rfihub.com/ca.html?rfiidc=1871878971826550442&rfiaid=5344eddb4ef74dd8a4ef7411f4845e08&ver=9&ra=1467&rb=648&ca=20766699&_o=17169175&_t=thankyousignonpage&ssv_cuuid=&ssv_package=null&ssv_prodlist=null&ssv_pagename=thankyousignonpage&pe=https%3A%2F%2Fonline.citi.com%2FUS%2FJSO%2Fsignon%2FDisplayUsernameSignon.do%3FuserType%3DtyLogin%26locale%3Den_US%26TYNewUser%3Dfalse%26TYForgotUUID%3Dfalse%26TYMigration%3D%26SAMLPostURL%3Dhttps%3A%2F%2Fwww.thankyou.com%2F%2Fgateway2.htm%26ErrorCode%3D%26TYPostURL%3Dhttps%3A%2F%2Fwww.thankyou.com%2F%2FtyLoginGateway.htm%26cmp%3DEMC-CRG0780012.01&pf=&ra=8469396024789038
Frame ID: E06E5293429B3B424462618A671CF257
Requests: 1 HTTP requests in this frame
Frame:
https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
Frame ID: 8EDD0AD9005B5C80550628779C37B63A
Requests: 1 HTTP requests in this frame
Frame:
https://content22.online.citi.com/fp/check.js;CIS3SID=67976A93C8D450F65E37A1CD641DB509?org_id=89oebq5k&session_id=cf40e4849e45711ff9ddabe667b837a5426267c7c86bb19a726ed881cc7102e3&nonce=b40b017a1adcd64d&pageid=1&jb=313526266a736775354c696e7778266871673d4c696c757a2468716a3f4168726f6f672730323a31
Frame ID: 0976095DFEA3BAD892ABCDFCFD271D85
Requests: 11 HTTP requests in this frame
Frame:
https://stags.bluekai.com/site/63068?ret=html&phint=language%3DEnglish&phint=product%3D&phint=event&phint=category%3Dprelogin%20sign%20on%20page&phint=page%3Dthankyou%20signon%20page&phint=section1%3Dother&phint=section2%3Dpublic&phint=section3%3Dthankyou&phint=section4%3Dsignon&phint=bankappstatus&phint=productID&phint=__bk_t%3DCiti%20ThankYou%C2%AE%20Rewards%20%3F%20Sign%20On&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fonline.citi.com%2FUS%2FJSO%2Fsignon%2FDisplayUsernameSignon.do%3FuserType%3DtyLogin%26locale%3Den_US%26TYNewUser%3Dfalse%26TYForgotUUID%3Dfalse%26TYMigration%3D%26SAMLPostURL%3Dhttps%3A%2F%2Fwww.thankyou.com%2F%2Fgateway2.htm%26ErrorCode%3D%26TYPostURL%3Dhttps%3A%2F%2Fwww.thankyou.com%2F%2FtyLoginGateway.htm%26cmp%3DEMC-CRG0780012.01&phint=__bk_v%3D3.1.6&limit=10&r=33734178
Frame ID: 66E995CC1828A7E66DD1957CB21C66EC
Requests: 1 HTTP requests in this frame
Frame:
https://lpcdn.chat.online.citi.com/le_secure_storage/3.10.0.1-release_5033/storage.secure.min.html?loc=https%3A%2F%2Fonline.citi.com&site=50929468&env=prod
Frame ID: AF4B0BD11B9D9A2EE3A05D671B9B70D1
Requests: 1 HTTP requests in this frame
Frame:
https://content22.online.citi.com/fp/check.js;CIS3SID=40DB560ABF04134584AF178535767951?org_id=89oebq5k&session_id=7959029db1a8d9b4b554fe6564f43bf1d57a69340cdd92a73beb688ce71dded6&nonce=22322e055d970a9b&pageid=1&jb=313f262e6a7167753f4c69667570246a716f3d4c6b6e7778246a71623f416a726f6d672530383a33
Frame ID: CDA9358ADBB2C0B598A09D54F21D07BE
Requests: 11 HTTP requests in this frame
Frame:
https://cdn.pbbl.co/i/pp.html
Frame ID: F7E75899E2C305AD63454209392DAFDC
Requests: 1 HTTP requests in this frame
Frame:
https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=67976A93C8D450F65E37A1CD641DB509?org_id=89oebq5k&session_id=cf40e4849e45711ff9ddabe667b837a5426267c7c86bb19a726ed881cc7102e3&nonce=b40b017a1adcd64d&pageid=1
Frame ID: 3B4DBC0F14EFC6C1329ADEFBCF343E60
Requests: 2 HTTP requests in this frame
Frame:
https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=67976A93C8D450F65E37A1CD641DB509?org_id=89oebq5k&session_id=cf40e4849e45711ff9ddabe667b837a5426267c7c86bb19a726ed881cc7102e3&nonce=b40b017a1adcd64d&pageid=1
Frame ID: 7322BFAA3AA2F04CD0158DC8F7263114
Requests: 1 HTTP requests in this frame
Frame:
https://content22.online.citi.com/fp/top_fp.html;CIS3SID=67976A93C8D450F65E37A1CD641DB509?org_id=89oebq5k&session_id=cf40e4849e45711ff9ddabe667b837a5426267c7c86bb19a726ed881cc7102e3&nonce=b40b017a1adcd64d&pageid=1
Frame ID: C68CCE15A043B5396E460593068391AC
Requests: 1 HTTP requests in this frame
Frame:
https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=40DB560ABF04134584AF178535767951?org_id=89oebq5k&session_id=7959029db1a8d9b4b554fe6564f43bf1d57a69340cdd92a73beb688ce71dded6&nonce=22322e055d970a9b&pageid=1
Frame ID: 7BFB61762CECBD809DEB4B8EB39FAC58
Requests: 2 HTTP requests in this frame
Frame:
https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=40DB560ABF04134584AF178535767951?org_id=89oebq5k&session_id=7959029db1a8d9b4b554fe6564f43bf1d57a69340cdd92a73beb688ce71dded6&nonce=22322e055d970a9b&pageid=1
Frame ID: 1C11D443723A0322232DB96CF59AB37F
Requests: 1 HTTP requests in this frame
Frame:
https://content22.online.citi.com/fp/top_fp.html;CIS3SID=40DB560ABF04134584AF178535767951?org_id=89oebq5k&session_id=7959029db1a8d9b4b554fe6564f43bf1d57a69340cdd92a73beb688ce71dded6&nonce=22322e055d970a9b&pageid=1
Frame ID: E26C4F771A6B7B78B1966761BCA687E8
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://thankyou.citi.com/T/v500000174d9f614ad97b26af4bbe5cfc0/3bf2bdb046d54a330000021ef3a0bcc3/3bf2bd...
HTTP 302
https://thankyou.citi.com/T/v500000174d9f614ad97b26af4bbe5cfc0/3bf2bdb046d54a330000021ef3a0bcc3/3bf2bd... HTTP 302
https://www.thankyou.com/pointsSummary.htm?cmp=EMC-CRG0780012.01&LID=cardart&OID=email&MID=header_CBS... HTTP 302
https://online.citi.com/US/JSO/signon/DisplayUsernameSignon.do?userType=tyLogin&locale=en_US&TYNewUs... Page URL
Page Statistics
10 Outgoing links
These are links going to different origins than the main page.
URL: https://www.thankyou.com/cms/thankyou?cmp=nav&lid=header%7Clogo
Search URL Search Domain Scan URL
URL: https://www.thankyou.com/forgotPasswordLanding.htm
Title: Forgot User ID or Password?
Title: Forgot User ID or Password?
Search URL Search Domain Scan URL
URL: https://citiretailservices.citibankonline.com/RSnextgen/svc/registration/index.action?siteId=SEARS&langId=en_US#verify
Title: Register SearsCard.com account
Title: Register SearsCard.com account
Search URL Search Domain Scan URL
URL: https://www.thankyou.com/registrationLanding.htm
Title: Register your ThankYou.com account
Title: Register your ThankYou.com account
Search URL Search Domain Scan URL
URL: https://www.thankyou.com/tc.jspx?cmp=nav&lid=footer%7Cterms-and-conditions
Title: ThankYou Rewards Terms and Conditions
Title: ThankYou Rewards Terms and Conditions
Search URL Search Domain Scan URL
URL: https://www.thankyou.com/privacyStmt.jspx?cmp=NAV&LID=footer%7Cprivacy
Title: Privacy
Title: Privacy
Search URL Search Domain Scan URL
URL: https://www.thankyou.com/security.jspx?cmp=NAV&LID=footer%7Csecurity
Title: Security
Title: Security
Search URL Search Domain Scan URL
URL: https://www.facebook.com/citi
Title:
Title:
Search URL Search Domain Scan URL
URL: https://www.twitter.com/citi
Title:
Title:
Search URL Search Domain Scan URL
URL: https://www.youtube.com/citi
Title:
Title:
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://thankyou.citi.com/T/v500000174d9f614ad97b26af4bbe5cfc0/3bf2bdb046d54a330000021ef3a0bcc3/3bf2bdb0-46d5-4a33-94ae-df8336ca9242?__dU__=v0G4RBKTXg2Gs5BnssqDWhgDWVXpKy0GrsB2gabaYTn6rYFBs0LdIJkA==&__F__=v0fUYvjHMDjRPMSh3tviDHXIoXcPxvDgUUCCPvXMWoX_0JoZLAZABQF5BnkC6ALMKVVKovhFqYdDDXSc0qSmoB9Wcsw7WSb2bfKXzLETwZlPHrHhBEm4Wo8bMSnVudVYD2VU3Gqe91T1x_GgSgzZcNuiGdauK_lAHEReFwOra78tjbFzxSnq-wJjumGLy1t-sJHnMDE0CCpcuvKsBzlg-NIsy94g439cFYh6nZxYe6dZLVfh6eS8qCFR6kEjHPVDPbtIRZ6NwqrqTn1EkBxTQL_8OkPY-QoQo3xnXlZR-yo9WnwgKoNtlXxl2Ho0vOXZuzGIKfn1No5ofGLfypOjV7SiQJwen0QfOYB_KsWuWJj90nd9E3wmd4-H2cqZqgg9LhGqBrYeOI9WjEkHuBNNmatlR-iKNF6DLrPMIQqTzq1PNB9Ppeoivq1LLhC89eEjY5YcyeJxsQka_Iz6CB6VbTSDejkSlWl9D8H3P-d5mF3kc=
HTTP 302
https://thankyou.citi.com/T/v500000174d9f614ad97b26af4bbe5cfc0/3bf2bdb046d54a330000021ef3a0bcc3/3bf2bdb0-46d5-4a33-94ae-df8336ca9242?__dU__=v0G4RBKTXg2Gs5BnssqDWhgDWVXpKy0GrsB2gabaYTn6rYFBs0LdIJkA==&__F__=v0fUYvjHMDjRPMSh3tviDHXIoXcPxvDgUUCCPvXMWoX_0JoZLAZABQF5BnkC6ALMKVVKovhFqYdDDXSc0qSmoB9Wcsw7WSb2bfKXzLETwZlPHrHhBEm4Wo8bMSnVudVYD2VU3Gqe91T1x_GgSgzZcNuiGdauK_lAHEReFwOra78tjbFzxSnq-wJjumGLy1t-sJHnMDE0CCpcuvKsBzlg-NIsy94g439cFYh6nZxYe6dZLVfh6eS8qCFR6kEjHPVDPbtIRZ6NwqrqTn1EkBxTQL_8OkPY-QoQo3xnXlZR-yo9WnwgKoNtlXxl2Ho0vOXZuzGIKfn1No5ofGLfypOjV7SiQJwen0QfOYB_KsWuWJj90nd9E3wmd4-H2cqZqgg9LhGqBrYeOI9WjEkHuBNNmatlR-iKNF6DLrPMIQqTzq1PNB9Ppeoivq1LLhC89eEjY5YcyeJxsQka_Iz6CB6VbTSDejkSlWl9D8H3P-d5mF3kc= HTTP 302
https://www.thankyou.com/pointsSummary.htm?cmp=EMC-CRG0780012.01&LID=cardart&OID=email&MID=header_CBSD-00142&emaillinkid=card_art&ZID=bottomright&mcell=1010 HTTP 302
https://online.citi.com/US/JSO/signon/DisplayUsernameSignon.do?userType=tyLogin&locale=en_US&TYNewUser=false&TYForgotUUID=false&TYMigration=&SAMLPostURL=https://www.thankyou.com//gateway2.htm&ErrorCode=&TYPostURL=https://www.thankyou.com//tyLoginGateway.htm&cmp=EMC-CRG0780012.01 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 25- https://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1601389284642 HTTP 302
- https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1601389284642
- https://cm.everesttech.net/cm/dd?d_uuid=44614461522505419113347224304972832399 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=X3NC5AAAB0ir_BTJ
- https://metrics1.citi.com/b/ss/citinaprod/1/JS-2.0.0/s63555186440240?AQB=1&ndh=1&pf=1&t=29%2F8%2F2020%2016%3A21%3A27%202%20-120&fid=63F902CF85FB5BD0-15F73831CC713931&ce=UTF-8&pageName=thankyou%20signon%20page&g=https%3A%2F%2Fonline.citi.com%2FUS%2FJSO%2Fsignon%2FDisplayUsernameSignon.do%3FuserType%3DtyLogin%26locale%3Den_US%26TYNewUser%3Dfalse%26TYForgotUUID%3Dfalse%26TYMigration%3D%26SAMLPostURL%3Dhttps%3A%2F%2Fwww.thankyou.com%2F%2Fgateway2.htm%26ErrorCode%3D%26TYPostURL%3Dhttps%3A%2F%2Fwww.thankyou.com%2F%2FtyLoginGateway.h&c.&visitStart=1&.c&cc=USD&ch=us&v0=EMC-CRG0780012.01&c1=other&h1=us%2Fother%2Fpublic%2Fthankyou%2Fsignon&c2=public&c3=thankyou&c4=signon&c8=prelogin%20sign%20on%20page&c9=us&v9=no%20call%2C%20no%20cache&c11=English&c22=thankyou%20signon%20page&c26=no%20value&c37=na_prod&v38=thankyou%20signon%20page&v42=en_US_USTYN&v52=no%20value&c59=jUSCBOL_CustomizedThankYou&c61=21&c63=https%3A%2F%2Fonline.citi.com%2FUS%2FJSO%2Fsignon%2FDisplayUsernameSignon.do%3FuserType%3DtyLogin%26locale%3Den_US%26TYNewUser%3Dfalse%26TYForgotUUID%3Dfalse%26TYMigration%3D%26SAMLPostURL%3Dhttps%3A%2F%2Fwww.thankyou.com%2F%2Fgateway2.htm%26ErrorCode%3D%26TYPostURL%3Dhttps%3A%2F%2Fwww.thankyou.com%2F%2FtyLoginGateway.htm%26cmp%3DEMC-CRG0780012.01&c64=10%3A21AM&v64=10%3A21AM&c65=Tuesday&v65=Tuesday&c66=Tuesday%7C10%3A21AM&v67=New&v68=1&c69=not%20logged%20in&c73=354602%2C578278%2C358910%2C552021%2C373773%2C490004%2C622672%2C624610%2C531459%2C507276%2C600937%2C593700%2C495376%2C495377%2C593103%2C584566%2C495374%2C495375%2C573017%2C522574%2C652314%2C588511%2C639140%2C542251%2C632449%2C522572%2C490141%2C580663%2C626438%2C654259%2C515853%2C522576%2C562734%2C551962%2C582775%2C494437%2C551970%2C571630%2C385436%2C572752%2C609397%2C609396%2C388219%2C569456%2C565689%2C606935%2C512346%2C578262%2C521100%2C578343%2C359218%2C528144%2C488122%2C572750%2C359214%2C486892%2C510670%2C369351&v73=medium%7C1600&v79=3afd3d39-ebdc-416a-825a-65ff4374b3ba&v87=online.citi.com&v96=cl%7Cbos%3Ana%7Cdsa%3Ana%7Cax%3Ano%20call%7Cdsr%3Ana%7Crf%3A-%7Ccms%3A-&v114=%23&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=tm%26cmp%3DEMC-CRG0780012.01&AQE=1 HTTP 302
- https://metrics1.citi.com/b/ss/citinaprod/1/JS-2.0.0/s63555186440240?AQB=1&pccr=true&vidn=2FB9A1740515E5AE-600008C8A338E10E&ndh=1&pf=1&t=29%2F8%2F2020%2016%3A21%3A27%202%20-120&fid=63F902CF85FB5BD0-15F73831CC713931&ce=UTF-8&pageName=thankyou%20signon%20page&g=https%3A%2F%2Fonline.citi.com%2FUS%2FJSO%2Fsignon%2FDisplayUsernameSignon.do%3FuserType%3DtyLogin%26locale%3Den_US%26TYNewUser%3Dfalse%26TYForgotUUID%3Dfalse%26TYMigration%3D%26SAMLPostURL%3Dhttps%3A%2F%2Fwww.thankyou.com%2F%2Fgateway2.htm%26ErrorCode%3D%26TYPostURL%3Dhttps%3A%2F%2Fwww.thankyou.com%2F%2FtyLoginGateway.h&c.&visitStart=1&.c&cc=USD&ch=us&v0=EMC-CRG0780012.01&c1=other&h1=us%2Fother%2Fpublic%2Fthankyou%2Fsignon&c2=public&c3=thankyou&c4=signon&c8=prelogin%20sign%20on%20page&c9=us&v9=no%20call%2C%20no%20cache&c11=English&c22=thankyou%20signon%20page&c26=no%20value&c37=na_prod&v38=thankyou%20signon%20page&v42=en_US_USTYN&v52=no%20value&c59=jUSCBOL_CustomizedThankYou&c61=21&c63=https%3A%2F%2Fonline.citi.com%2FUS%2FJSO%2Fsignon%2FDisplayUsernameSignon.do%3FuserType%3DtyLogin%26locale%3Den_US%26TYNewUser%3Dfalse%26TYForgotUUID%3Dfalse%26TYMigration%3D%26SAMLPostURL%3Dhttps%3A%2F%2Fwww.thankyou.com%2F%2Fgateway2.htm%26ErrorCode%3D%26TYPostURL%3Dhttps%3A%2F%2Fwww.thankyou.com%2F%2FtyLoginGateway.htm%26cmp%3DEMC-CRG0780012.01&c64=10%3A21AM&v64=10%3A21AM&c65=Tuesday&v65=Tuesday&c66=Tuesday%7C10%3A21AM&v67=New&v68=1&c69=not%20logged%20in&c73=354602%2C578278%2C358910%2C552021%2C373773%2C490004%2C622672%2C624610%2C531459%2C507276%2C600937%2C593700%2C495376%2C495377%2C593103%2C584566%2C495374%2C495375%2C573017%2C522574%2C652314%2C588511%2C639140%2C542251%2C632449%2C522572%2C490141%2C580663%2C626438%2C654259%2C515853%2C522576%2C562734%2C551962%2C582775%2C494437%2C551970%2C571630%2C385436%2C572752%2C609397%2C609396%2C388219%2C569456%2C565689%2C606935%2C512346%2C578262%2C521100%2C578343%2C359218%2C528144%2C488122%2C572750%2C359214%2C486892%2C510670%2C369351&v73=medium%7C1600&v79=3afd3d39-ebdc-416a-825a-65ff4374b3ba&v87=online.citi.com&v96=cl%7Cbos%3Ana%7Cdsa%3Ana%7Cax%3Ano%20call%7Cdsr%3Ana%7Crf%3A-%7Ccms%3A-&v114=%23&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=tm%26cmp%3DEMC-CRG0780012.01&AQE=1
- https://px0.pbbl.co/ns/__p2.gif?ppid=667e9e17-f3e5-4a2b-bd90-6c1a5ef55003&chk=false&brid=1560&brcid=&email=&orderId=&orderValue=&productId=&offerCode=&label=&pageUrl=https%3A%2F%2Fonline.citi.com%2FUS%2FJSO%2Fsignon%2FDisplayUsernameSignon.do%3FuserType%3DtyLogin%26locale%3Den_US%26TYNewUser%3Dfalse%26TYForgotUUID%3Dfalse%26TYMigration%3D%26SAMLPostURL%3Dhttps%3A%2F%2Fwww.thankyou.com%2F%2Fgateway2.htm%26ErrorCode%3D%26TYPostURL%3Dhttps%3A%2F%2Fwww.thankyou.com%2F%2FtyLoginGateway.htm%26cmp%3DEMC-CRG0780012.01&referrerUrl=&targetUrl=https%3A%2F%2Fonline.citi.com%2FUS%2FJSO%2Fsignon%2FDisplayUsernameSignon.do%3FuserType%3DtyLogin%26locale%3Den_US%26TYNewUser%3Dfalse%26TYForgotUUID%3Dfalse%26TYMigration%3D%26SAMLPostURL%3Dhttps%3A%2F%2Fwww.thankyou.com%2F%2Fgateway2.htm%26ErrorCode%3D%26TYPostURL%3Dhttps%3A%2F%2Fwww.thankyou.com%2F%2FtyLoginGateway.htm%26cmp%3DEMC-CRG0780012.01&sessionId=&markerType=seg&rand=eiTgqyIMx1T8mSkI&iabOptOut=-&jsVer=3.2.1&frVer=1.1&markerId=348192 HTTP 302
- https://aa.agkn.com/adscores/g.pixel?sid=9212282598&_ppid=667e9e17-f3e5-4a2b-bd90-6c1a5ef55003&_segid=99&iid=64d96b3d-fa9e-4836-bb74-bb3c120f6d08 HTTP 302
- https://px0.pbbl.co/adadvisor.gif?segment=000&_ppid=667e9e17-f3e5-4a2b-bd90-6c1a5ef55003&_segid=99&_zip=&hk=&iid=64d96b3d-fa9e-4836-bb74-bb3c120f6d08&mt=&bd=
124 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
DisplayUsernameSignon.do
online.citi.com/US/JSO/signon/ Redirect Chain
|
256 KB 129 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
vendor.js
online.citi.com/CBOL/common/ui/ddl/theme/latest/scripts/ |
204 KB 64 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tagging.js
online.citi.com/CBOL/taggingTransformation/ |
58 KB 12 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ddl.min.css
online.citi.com/CBOL/common/ui/ddl/theme/latest/styles/ |
624 KB 69 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jfpm.autocomplete.off.js
online.citi.com/JFP/js/modules/ |
1 KB 864 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main_branding.css
online.citi.com/GFC/branding/responsivebranding/css/ |
273 KB 43 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
footer.css
online.citi.com/GFC/branding/ThankYou/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Bootstrap.js
nexus.ensighten.com/citi/na_prod/ |
278 KB 91 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
homePage.min.css
online.citi.com/loginpage/styles/ |
24 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.tmpl.js
online.citi.com/JFP/js/jquery/plugins/ |
6 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fp.min.js
online.citi.com/JSO/js/ |
15 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bcsid.js
online.citi.com/passivebio/ |
947 B 947 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
BiocatchATO.js
online.citi.com/passivebio/ |
698 KB 142 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Citi-Thankyou.png
online.citi.com/GFC/branding/ThankYou/img/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.css
online.citi.com/GFC/branding/responsivebranding/css/ |
46 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
modernizr-2.6.2.js
online.citi.com/JFP/js/widgets/ |
15 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jfpw.accordion-menu.js
online.citi.com/JFP/js/widgets/ |
7 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rsa.js
online.citi.com/CBOL/sec/debcaract/js/ |
36 KB 11 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
TMXProfiling.js
online.citi.com/TMX/ |
1 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
le-mtagconfig.js
online.citi.com/JRS/js/chat/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
LPAttributes.js
online.citi.com/JRS/js/chat/ |
14 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
chatMask.js
online.citi.com/JRS/js/chat/ |
802 B 809 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
chatLPHandler.js
online.citi.com/JRS/js/chat/ |
5 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
chatSiteCatTagging.js
online.citi.com/JRS/js/chat/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cobrowse_overlay.css
online.citi.com/GPS/portal/css/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tagging_transformation.json
online.citi.com/gcgapi/prod/public/v1/staticcms/USGCB/en_US/appid/ |
671 KB 102 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rd
dpm.demdex.net/id/ Redirect Chain
|
363 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
serverComponent.php
nexus.ensighten.com/citi/na_prod/ |
1 KB 731 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Interstate-Light.woff
online.citi.com/CBOL/common/ui/ddl/theme/latest/styles/fonts/interstate/ |
74 KB 74 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET BLOB |
d4965486-cefa-48c4-a9e6-1157345c8c0e
https://online.citi.com/ |
168 KB 0 |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tags.js
content22.online.citi.com/fp/ |
49 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ThankYou.jpg
online.citi.com/JSO/loginpage/ |
701 KB 703 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
arrow-dropdown-down.svg
online.citi.com/CBOL/common/ui/ddl/theme/latest/images/icons/svgs/arrows/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Interstate-Bold.woff
online.citi.com/CBOL/common/ui/ddl/theme/latest/styles/fonts/interstate/ |
70 KB 71 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fdf45a7c15c1cee06bb71e10dac4e26e.js
nexus.ensighten.com/citi/na_prod/code/ |
989 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
9a7b351075739244d9493ff5f4557b10.js
nexus.ensighten.com/citi/na_prod/code/ |
14 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
8637af7c210f4e79436bc39f71b49bfa.js
nexus.ensighten.com/citi/na_prod/code/ |
1 KB 737 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
557566dc60916e3de69e006bef252459.js
nexus.ensighten.com/citi/na_prod/code/ |
2 KB 961 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
c1a82ac98e4d4e503dc1bf30d0ee425e.js
nexus.ensighten.com/citi/na_prod/code/ |
2 KB 861 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
311098be5b71dfdff3c6fe2e8f229f55.js
nexus.ensighten.com/citi/na_prod/code/ |
100 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
99c2edc318998e53970675ad2ff59f88.js
nexus.ensighten.com/citi/na_prod/code/ |
111 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gateway.min.js
gateway.foresee.com/sites/citithankyou/production/ |
56 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Citi-Branding-Sprite.png
online.citi.com/GFC/branding/img/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tag.js
lptag.liveperson.net/tag/ |
18 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
 Cookie set
dest5.html
citi.demdex.net/ Frame 136B |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
id
metrics1.citi.com/ |
48 B 478 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=411&dpuuid=X3NC5AAAB0ir_BTJ
dpm.demdex.net/ Redirect Chain
|
42 B 915 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
90 KB 36 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bk-coretag.js
tags.bkrtx.com/js/ |
31 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tc.min.js
c1.rfihub.net/js/ |
20 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
.jsonp
lptag.liveperson.net/lptag/api/account/50929468/configuration/applications/taglets/ |
284 KB 103 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fs.record.js
gateway.foresee.com/code/19.6.8/ |
61 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fs.utils.js
gateway.foresee.com/code/19.6.8/ |
82 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fs.trigger.js
gateway.foresee.com/code/19.6.8/ |
30 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
idr.js
a.rfihub.com/ |
83 B 678 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
js
www.googletagmanager.com/gtag/ |
90 KB 36 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
js
www.googletagmanager.com/gtag/ |
90 KB 36 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
lp-01.chat.online.citi.com/api/account/50929468/configuration/setting/accountproperties/ |
4 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
taglet_v2.2.js
static-assets.fs.liveperson.com/citi/taglets/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
zones
lp-01.chat.online.citi.com/api/account/50929468/configuration/le-campaigns/ |
5 KB 1020 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Cookie set
ca.html
20766699p.rfihub.com/ Frame E06E |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cr.png
contents3.00110.citi.com/api/v1/ |
4 B 397 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
TMXProfile.jws
online.citi.com/US/REST/ManageTMXProfile/ |
264 B 944 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tags.js
content22.online.citi.com/fp/ |
49 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
425466.html
sr.rlcdn.com/ Frame 8EDD |
0 0 |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
embed.js
resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1560.js
cdn.pbbl.co/r/ |
32 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
check.js;CIS3SID=67976A93C8D450F65E37A1CD641DB509
content22.online.citi.com/fp/ Frame 0976 |
174 KB 44 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame 0976 |
81 B 475 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame 0976 |
81 B 475 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
63068
stags.bluekai.com/site/ Frame 66E9 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
storage.secure.min.html
lpcdn.chat.online.citi.com/le_secure_storage/3.10.0.1-release_5033/ Frame AF4B |
38 KB 16 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
check.js;CIS3SID=40DB560ABF04134584AF178535767951
content22.online.citi.com/fp/ Frame CDA9 |
174 KB 44 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame CDA9 |
81 B 474 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame CDA9 |
81 B 474 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
generic1601258650900.js
resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/ |
356 KB 63 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pp.html
cdn.pbbl.co/i/ Frame F7E7 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame 0976 |
81 B 531 B |
XHR
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ls_fp.html;CIS3SID=67976A93C8D450F65E37A1CD641DB509
content22.online.citi.com/fp/ Frame 3B4D |
48 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame 0976 |
0 388 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sid_fp.html;CIS3SID=67976A93C8D450F65E37A1CD641DB509
h.online-metrix.net/fp/ Frame 7322 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame 0976 |
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
top_fp.html;CIS3SID=67976A93C8D450F65E37A1CD641DB509
content22.online.citi.com/fp/ Frame C68C |
47 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame 0976 |
0 218 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
89oebq5kxcr3y72iozsn5deq4lvf2s6natzr77jyb40b017a1adcd64dam1.e.aa.online-metrix.net/fp/ Frame 0976 |
81 B 438 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
420 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
s63555186440240
metrics1.citi.com/b/ss/citinaprod/1/JS-2.0.0/ Redirect Chain
|
43 B 267 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
.jsonp
lptag.liveperson.net/lptag/api/account/50929468/configuration/applications/taglets/ |
12 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear1.png;CIS3SID=67976A93C8D450F65E37A1CD641DB509
content22.online.citi.com/fp/ Frame 0976 |
0 386 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame 0976 |
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cool-2.1.15.min.js
nebula-cdn.kampyle.com/resources/onsite/js/ |
14 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1592741950571_CTA_Feedback(final).png
resources.digital-cloud-citi.medallia.com/wdcusciti/50/resources/image/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame 3B4D |
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adadvisor.gif
px0.pbbl.co/ Redirect Chain
|
42 B 132 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame CDA9 |
81 B 530 B |
XHR
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ls_fp.html;CIS3SID=40DB560ABF04134584AF178535767951
content22.online.citi.com/fp/ Frame 7BFB |
48 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame CDA9 |
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sid_fp.html;CIS3SID=40DB560ABF04134584AF178535767951
h.online-metrix.net/fp/ Frame 1C11 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame CDA9 |
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
top_fp.html;CIS3SID=40DB560ABF04134584AF178535767951
content22.online.citi.com/fp/ Frame E26C |
47 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame CDA9 |
0 219 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
89oebq5kozitf5zyuxbugh4stmsdoa5wlb4pa4ap22322e055d970a9bam1.e.aa.online-metrix.net/fp/ Frame CDA9 |
81 B 438 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ |
0 317 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame 7BFB |
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear1.png;CIS3SID=40DB560ABF04134584AF178535767951
content22.online.citi.com/fp/ Frame CDA9 |
0 386 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
50929468
lp-03.chat.online.citi.com/api/js/ |
233 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame CDA9 |
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
.jsonp
lptag.liveperson.net/lptag/api/account/50929468/configuration/applications/taglets/ |
12 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
50929468
lp-03.chat.online.citi.com/api/js/ |
233 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
50929468
lp-03.chat.online.citi.com/api/js/ |
92 B 837 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
50929468
lp-03.chat.online.citi.com/api/js/ |
111 B 853 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame 0976 |
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
content22.online.citi.com/fp/ Frame CDA9 |
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
.jsonp
lptag.liveperson.net/lptag/api/account/50929468/configuration/applications/taglets/ |
12 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
50929468
lp-03.chat.online.citi.com/api/js/ |
233 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
50929468
lp-03.chat.online.citi.com/api/js/ |
42 B 792 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
50929468
lp-03.chat.online.citi.com/api/js/ |
110 B 853 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
.jsonp
lptag.liveperson.net/lptag/api/account/50929468/configuration/applications/taglets/ |
12 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
50929468
lp-03.chat.online.citi.com/api/js/ |
232 B 941 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
50929468
lp-03.chat.online.citi.com/api/js/ |
42 B 790 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
50929468
lp-03.chat.online.citi.com/api/js/ |
110 B 853 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
.jsonp
lptag.liveperson.net/lptag/api/account/50929468/configuration/applications/taglets/ |
12 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
50929468
lp-03.chat.online.citi.com/api/js/ |
232 B 944 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
50929468
lp-03.chat.online.citi.com/api/js/ |
42 B 792 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
50929468
lp-03.chat.online.citi.com/api/js/ |
110 B 853 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
.png%22){kind=link}
.png){kind=link}
.png){kind=link}
Verdicts & Comments Add Verdict or Comment
333 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| UIEvent object| trustedTypes function| $ function| jQuery object| jQuery19109948556378966376 object| respond function| _trackAnalytics object| _dl undefined| copyNextSource object| configs object| taggingDataLayer string| ua string| domainVal string| localeVal number| d string| expires string| module string| lang string| searchEnable string| userRole string| visitor string| isLoggedin string| _j object| citiData string| pageDef string| _server string| _site string| pageName boolean| isLEChatDisable string| _locale string| _f object| ensBootstraps object| Bootstrapper function| Visitor object| s_c_il number| s_c_in object| adobe_visitor function| targetPageParams object| adobe function| mboxCreate function| mboxDefine function| mboxUpdate string| bcCookieName string| bcsid function| setBCCookie function| getBCCookie object| _prev_dl object| cdwpb object| cdApi function| getParentLocation function| isSelfLoc function| isXFSWhiteListed string| parentLocation boolean| XFSWhitelisted string| domainName string| JFP_CSRF_TOKEN object| OBJ_JFP_CSRF_TOKEN boolean| isCSRFAutomationEnabled function| isValidDomain function| isValidUrl function| addExtraField function| MAC8P4dvDv16V function| WOvvdKTmYn11 function| FqY2LRqewPcqYA string| message string| tmx_sessionid string| tmxOrgId string| JSLink object| JSElement boolean| iOS object| html5 object| Modernizr function| yepnope object| commonContent function| Hashtable function| startsWith function| DomDataCollection function| IE_FingerPrint function| Mozilla_FingerPrint function| Opera_FingerPrint function| Timer function| getRandomPort object| ProxyCollector function| BlackberryLocationCollector function| detectFields string| SEP string| PAIR string| DEV function| FingerPrint function| urlEncode function| encode_deviceprint function| decode_deviceprint function| post_deviceprint function| post_fingerprints function| add_deviceprint function| form_add_data function| form_add_deviceprint string| HTML5 string| BLACKBERRY string| UNDEFINED string| GEO_LOCATION_DEFAULT_STRUCT object| geoLocator boolean| geoLocatorStatus function| detectDeviceCollectionAPIMode function| init function| startCollection function| stopCollection function| getGeolocationStruct function| HTML5LocationCollector object| UIEventCollector function| InteractionElement function| UIElementList function| activeXDetect function| stripIllegalChars function| stripFullPath object| BrowserDetect function| convertTimestampToGMT function| getTimestampInMillis function| debug function| forceIE89Synchronicity function| checkTMXProfiling function| getCookie boolean| flagvalue object| error_handler object| validator_list object| utils object| customPage function| OpenInNewTab function| fsReady undefined| targetElement function| openlink function| getRequestParams function| nullCheck object| maskJsonCommon object| maskJsonForModule string| LPAccount string| chatObjName string| lpVersion object| lpTag object| live_engage_section_array object| ProductTypes object| BusPhDevType string| AlertDisplayed string| IsIPB object| ErrorCount string| userBranding object| HomePhInd object| SBOB_Tier_Type object| LIKELY_TO_ATTRITE string| IsCPC object| InterdictionFailed string| CBOL_UserSegment string| IsCPCI object| CONSUMER_CLIENT_CODE object| BusPhInd object| InterdictionPassed string| CBOL_IsBillPayActive string| VisitorType string| IsGEB object| SiteID object| LIKELY_TO_ATTRITE_ACTION_TAG string| CopsUser object| MobPhInd object| HomePhDevType string| AvatarSPFExperience object| PID string| LoggedIn object| MobPhDevType string| CBOL_IsBillPayEnrolled object| CardHolderType string| lpCType string| lpCStatus string| lpChannel string| lpCampaignID string| lpAffiliate object| myObj object| LPCustomerInfo object| LPPersonalInfo undefined| myPhone object| LPMarketingSource object| LPLead object| LPServiceActivity object| LPErrorArray function| setErrorCode string| lpChatType string| lpAgentName string| lpCoBrowse function| identityFn undefined| ChatMaskFunction boolean| isConversationTopic object| conversationTopicArray function| addChatVariables function| getChatObjName function| getChatLPVersion function| createConversationVariable function| populateConvVarObjArray function| pushServiceAttribute function| getLPChatObj function| addChatScopeVars function| pushLEVars function| getContextPath function| injectChatDiv function| pushLEVarsAjax function| createServiceVariable function| populateSection function| LPGetAuthenticationToken number| lp object| chatObject function| firstCobrowseOverlay function| hideOverlay function| cobrowseOverlay function| showAlert function| requestCobrowse function| $autocomplete function| disableAutocomplete function| AppMeasurement number| s_objectID number| s_giq string| rsidAry object| s_tms object| dataLayer function| gtag function| bk_async object| val function| asyncpost_deviceprint string| Uy1TeSYy6FtXxjvDai7 string| bQbeZ1et6VmK1LGXuZQzd string| gYJGiZ2LL2yeS1Z5hRje function| _rfi object| td_1D function| tmx_run_page_fingerprinting boolean| tmx_profiling_started function| tmx_post_session_params_fixed object| td_0x function| _acsDefine function| _fsDefine function| _acsRequire function| _fsRequire object| FSR object| FSFB function| _acsNormalizeUrl function| _fsNormalizeUrl function| _fsNormalizeAssetUrl function| acsReady function| extend function| RocketfuelBCPInclude function| RocketfuelBCPClass function| RocketfuelUtils object| RocketfuelBCP object| tags object| BKTAG function| bk_addUserCtx function| bk_addPageCtx function| bk_addEmailHash function| bk_addPhoneHash function| bk_doJSTag function| bk_doJSTag2 function| bk_doCarsJSTag function| bk_doPartnerAltTag function| bk_doCallbackTag function| bk_doCallbackTagWithTimeOut object| google_tag_manager object| google_tag_data function| _typeof function| _extends function| djv boolean| bk_use_multiple_iframes boolean| bk_allow_multiple_calls object| proxyless object| lpMTagConfig object| __fsJSONPCBr function| __fsJSONPCB function| __acsReady__ function| __fsReady__ function| removeExcessIdentities function| fixRaceConditionsWithNewPage function| removeDoubleButtons function| hideMobileButtonsBesidesContactUsPage function| alignStickyWithFeedback function| alignStickyWithFeedbackHeight function| autoCloseWindow number| counter number| reconfirmLPTaglet object| head object| styleTagLP1 string| css undefined| CCSID string| citiLocale boolean| citiNGA string| pageID object| _pp string| sName function| s_getLoadTime function| s_gi function| s_pgicq function| c_r function| c_rspers function| c_w object| s number| s_loadT object| td_2e object| td_3t object| KAMPYLE_EMBED function| setImmediate function| clearImmediate object| rs string| r object| rx object| eo number| y string| s_tnt object| s_i_citinaprod object| MDIGITAL object| KAMPYLE_CONSTANT object| KAMPYLE_FUNC object| KAMPYLE_DATA object| KAMPYLE_TARGETING object| KAMPYLE_ANIMATION object| KAMPYLE_VIEW object| KAMPYLE_MESSAGE object| KAMPYLE_UTILS object| KAMPYLE_EVENT_DISPATCHER object| KAMPYLE_COOLADATA object| KAMPYLE_COMMON object| KAMPYLE_THERMO_TEALEAF_FUNC object| KAMPYLE_ADOBE_ANALYTICS object| KAMPYLE_CLICKTALE_FUNC object| KAMPYLE_SESSIONCAM object| KAMPYLE_ONSITE_SDK undefined| KAMPYLE_POLYFILLS object| KAMPYLE_INTEGRATION object| cooladata function| lpCb68065x3087422 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .rfihub.com/ | Name: rud Value: H4sIAAAAAAAAAOMSNrQwByILSyBpZGZqamBiYiTEZ6hrke5dqVtYGGFk4hcpxWtoZmBobGFpZGFqaGkCAOzR9-I0AAAA |
|
| .citi.com/ | Name: tmx_digitalApptype Value: PC_BROWSER |
|
| .citi.com/ | Name: tmx_sessionid Value: 7959029db1a8d9b4b554fe6564f43bf1d57a69340cdd92a73beb688ce71dded6 |
|
| .citi.com/ | Name: _gcl_au Value: 1.1.1475912185.1601389285 |
|
| online.citi.com/ | Name: 7018 Value: |
|
| online.citi.com/ | Name: 7830 Value: error |
|
| .demdex.net/ | Name: demdex Value: 44614461522505419113347224304972832399 |
|
| .citi.com/ | Name: AMCV_61834D9B5228A7430A490D45%40AdobeOrg Value: -330454231%7CMCIDTS%7C18535%7CMCMID%7C37677268469468034442868829232609339180%7CMCAAMLH-1601994084%7C6%7CMCAAMB-1601994084%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1601396484s%7CNONE%7CMCSYNCSOP%7C411-18542%7CMCAID%7CNONE%7CvVersion%7C3.1.2 |
|
| .citi.com/ | Name: second_tmx_sessionid Value: cf40e4849e45711ff9ddabe667b837a5426267c7c86bb19a726ed881cc7102e3 |
|
| .citi.com/ | Name: CITI_SITE Value: gtdc |
|
| .citi.com/ | Name: bmuid Value: 1601389284719-91F6DA58-2385-4E90-B6C4-05D4887ACE8F |
|
| .online.citi.com/ | Name: cdContextId Value: 2 |
|
| .citi.com/ | Name: cdContextId Value: 2 |
|
| .citi.com/ | Name: TLTSID Value: 07a058985e5de6f7e7e2f46178defd9d7a95a59c4e92c4ad61e498762ef873f9 |
|
| online.citi.com/ | Name: JSESSIONID Value: 0000DuujieJPtzTnuSL5zivV7OD:gt67p-srv1 |
|
| .citi.com/ | Name: bcsid Value: 5D8CD7DC83ECA81A1C824EF937E70584 |
|
| .citi.com/ | Name: s_ecid Value: MCMID%7C37677268469468034442868829232609339180 |
|
| .online.citi.com/ | Name: locale Value: en_US |
|
| .citi.com/ | Name: cdSNum Value: 1601389285204-sjn0000813-93831140-c995-4a1e-8693-9d5d6ddfaaa8 |
|
| .citi.com/ | Name: AMCVS_61834D9B5228A7430A490D45%40AdobeOrg Value: 1 |
|
| .rfihub.com/ | Name: ruds Value: H4sIAAAAAAAAAOMSNrQwByILSyBpZGZqamBiYiTEZ6hrke5dqVtYGGFk4hcJAA6AKlklAAAA |
|
| .citi.com/ | Name: AKMTLTSID Value: AB4143A921A01B10C84B23141734329F |
23 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Content-Security-Policy | frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net |
| Strict-Transport-Security | max-age=300 |
| X-Content-Security-Policy | frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
20766699p.rfihub.com
89oebq5kozitf5zyuxbugh4stmsdoa5wlb4pa4ap22322e055d970a9bam1.e.aa.online-metrix.net
89oebq5kxcr3y72iozsn5deq4lvf2s6natzr77jyb40b017a1adcd64dam1.e.aa.online-metrix.net
a.rfihub.com
aa.agkn.com
c1.rfihub.net
cdn.pbbl.co
citi.demdex.net
cm.everesttech.net
content22.online.citi.com
contents3.00110.citi.com
dpm.demdex.net
gateway.foresee.com
h.online-metrix.net
lp-01.chat.online.citi.com
lp-03.chat.online.citi.com
lpcdn.chat.online.citi.com
lptag.liveperson.net
metrics1.citi.com
nebula-cdn.kampyle.com
nexus.ensighten.com
online.citi.com
px0.pbbl.co
resources.digital-cloud-citi.medallia.com
sr.rlcdn.com
stags.bluekai.com
static-assets.fs.liveperson.com
tags.bkrtx.com
thankyou.citi.com
udc-neb.kampyle.com
www.googletagmanager.com
www.thankyou.com
104.103.78.138
104.108.63.235
104.109.92.187
13.225.73.20
143.204.94.11
15.236.9.100
151.101.13.175
151.101.194.133
159.127.187.155
159.127.208.20
178.249.101.23
18.195.42.228
184.30.210.81
193.0.160.128
208.89.12.87
2a00:1450:4001:801::2013
2a00:1450:4001:809::2008
2a00:1450:4001:81a::2008
2a03:6400:10:0:178:249:97:98
2a03:6400:10:0:178:249:97:99
34.249.46.6
35.241.45.82
35.244.245.222
52.141.218.213
52.28.175.104
54.154.62.31
66.117.28.86
91.235.132.130
91.235.133.67
91.235.134.131
99.86.243.18
013e591f755f081c0dca82a44fe10ec5119bf3621a0769989eddb6a51a0e26c7
01489a476b4554af217a5b2a6cf2d5e87c8a628bbc78c302a632d72ec824e708
015e6103bdf04fef85eeb4c098ee7f0fa746ece89b30738106a50fa64b40d444
03c736ca1c90e26743865ed80c9766f84ca237b0dc572fab630737aaef70d171
06dfb367edf9bbff810def9f75f8695b3ccfbcb2813306609fc6e18fcacfc17e
07bfad77c7f8032108227f9489733fa4c62724a60ad016c083d1f82cc72b0063
0aa5d7acd53d6f73b4ac08bf6e99198f3cca15f6ded0efadc8b8a383ae824980
0c6df04bbd3bb79a0cff6479b79137e17eb7e3ff616e9dd9508be396d9fa2ca0
0ce3adf94d103c61df01f3735e92216bf2b424a1d3cd4fb1563508f6d1e39c29
0f0a91324802b248c7e2c624ffe7bc5fdc945c840d141cb7374dd6149750a7ee
0f5de2f9da1bb346abebdae4127db29e587095c66f3539b5eb8c392e853d3af3
157430093a6d2ee63082eae5dabf826926d3b6259d33482aa6713c48728e82fa
1789c9f0d05885053e041a64847f4d9244e593fbbd59acf75c6077ee772e9564
178f6fad63d4236044e6cf2c7293fc0679fcdb78fa13ec87a52964b5524e4716
1855a50f9593d06a3465f3677445e6a4fba2ebd59a86cef398512ea9ab2ea0f6
2035002d9fa338dbf45751e5c3f916d69cca93486c3e2d4db05817faa6447b67
242cb1fe2274ec738de60067a2c54568126e01792e55d2db82f8cfb48cbb4f24
25f4eeb23f67fe1d74534ed37230ecd54ab4f57524276970dcbeaaf3b0fc64f9
2821e62d57d85f69f0db627fb92cedd4c13488e927c24983c566887e7a92e8e5
31b00ff4929696dfca06885da68e58c3e09f6ecb4ae0fe1ae287e99a3fd1f716
3580773ed9ca515060fa99db9f30c91c28fe64a5674e5b9a241af5b7733b560c
360c503e6eb58e095c3bf8b28cf34227ac8faebe491141b3873e20b74a33967b
3975b76cc53eb1aeb0a232bc60d18c3aa1ddd3e8a7a08db6abbc14392662ca67
3cdfe9ba7795ab392a51ca638aa92dbd285f5182a9760df149da858b9475af5d
3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1
3fca3de24621f0f10186594054444d608016297c2e853e548710b3521e42a609
41a0f71e6a35be385ce9ed32dc98d4a45832e59c168c28139e679ee75288e8b5
476b7727fa249a10be611286fe5bd66c270340b15944aecb9e263d53b4b0195d
4872a31684ed0aebe597d43e1185f1911f412c310b1dd06401a9da51828fa2a2
4e4ab72725ca42cc6c17f9f590583a9cee49c62e570be8734ee1107bffc3a200
51ae37d6c7ae7327c5ff7263e9258d998d303fda16ed063fea667c23030f83c1
526ecbfda04e308f90edb0153c851212c52048dc779fd0b2ad7c07f30757864f
57d2da56bf34e445e118b213e19860af009e9109ea36c0f73c94027e4696e0f5
5c3344d6f25b95a3561326b43bdea1a94d3dcd65097a6db527442978a3ebf86f
5c89ced709eea1940ac9d955c373db2211ea68df46882fbfdc29afce1fef69e9
5e618c111ca132b80545bda22b41c930f1a370b4750bfc127476803b6fa26690
5fed06c270b4eefc001f362ca7a78b8a5430441b61a9389b7e591224b786503c
615e1ef16b0f59148edaf14de1f17431137b6251a8505b10745541128efe162d
629b48196dcc270143a42ce57535b251c655617f8d510277d4a05306c426fd38
717f12329a056efae65c7ab10d8431327ff9c314e7b4df47815442d99fb02982
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
793c2f3d02d0bc3ad8a2cdc901b2134159b66245e951ac258fee1ac8b2709f44
79870591b22b013171ce01beccaa6671cf278953d613691b19060140097ce2c3
799b3441638d39c44c00a199ecd3dec31d13b4e4103839b6f321f72ce5c1e7f7
7afe38f32e579a288de8f251d627ed66d4293977ec24f06d25eac4e5a92b71ac
7b4a1d53c179154285284c81ce107b9dd4a02a21f9c123c7501bf4a30177ebe7
7d481eb36581746fd3662c7c452856b695df90cdce24664c48f565aa119c8b16
7df13706eaab8ce9a3dcd2a501f60bc66987c83834d07dfaf07ae56ef814c110
7e46e02ad6a40c475c2eec66ce5f66bec4aa8601415a534fec1e6e26ecfca663
81affcfb1bbe1cb5141f0f801523c49ca32e631606d0bc57d30bcb972af3082a
852bbf67c9988f8ed7e43118f914e581efb96fa4eb6d06eaf626672df92ce5fe
85eedf8859396c0a29c427dfab2c8543ef8100026fa8d77a69728737a65476d2
914403b3be0b02ce6722deb930e9ede79841a1c4705ff1e8fdf6e8a76cfff482
92861ebb7d832a714480a5b33cd9f11b2587406e5728d010a8ff7285d9c511be
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
95fee5c0c07c5bf834c9c3d6678d686b9825bb2e3de1cc22dcade495349fb242
96a8568336b187241ee3fff74847d757c25ee6c6cff67295be9ff4be8ea2f640
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9227aa658061dcca4a55c86ca9b517d5b44f03eeac9c3849af1bd8e771ad51
9dad502247a8488c21ef5beb32aed1a78b17b748711bec817c472911f76b4ead
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2d6045bdb7627674cfbca5eabfba0b1ce71fee823c99bf19ca492693aecf936
a70821e6424283e1713eb4f44945415163e6f02290cadf8fa7e71e7dc0337899
a9623118fb6ec3944d1312cd0d492c3f32455e89bc1e01eafa67628a309d9c60
b3601f582b4f4108514d25470fd306991632a98542569e15c3a25da8a64a3c81
b381eaccfca885e5455f9585d1789bf31b0b06bbb4c1592c08723fcc0d225feb
b527ff8f2705973222d157842b57b19762cd73f0053116d9ae3a8c7fac7e5c01
bfee92627d3ee6ef32f79d53989ba3e960cd5edfafd764f8089e1ad18c18327f
c03443c95fca2538c411e88702491565c1ea2662ddbc0733b5acdbffc2125017
c2f312ddb77bec10a33cce6e41f5d8d45f42531d7c1ce41c78fb58668be652fa
c3c994c3fe9bd4e055f6d0eb42067ecd6bdd3247e136bc22835b9882cfe77c61
c657e07408dbbea092f0debde9d99f631cc1771a645e957eaf02e1a5dd1b60b5
c6c40bd3fc6c2adebe8d892bcbed92c03ee4dbe582f6304f9eee4ae365bdcdfb
c9e14253e4c22e98945e45a455a7e7f967c183a62f032e4264fb073dec2ee0e8
ca99ffb7633ae3c0a6bc357abc80e00a5236dcfe66cc915d805582cf8e05c983
cb2bb21705b9cce9781d02c9223f3344a65bd5314027d11c5a8518ad4bd84e84
cc490a8ef7deb4c7fba66f332ad8cdd39433675b95d2bd341300ab7b718f8e4e
d39a392943baf815cb7728e27d5a912eb2e6da02cfa63fb43b4dad1f7a5a5f72
d57d88d75a6b978bccea69f0ddf436826b570c9b911889a2718a59e1fa521a6d
d8b32a1e0f5d3d3d05cda5e3e109a8198be3ceca3ae8b4fe63d2bd471920ef7f
e1739237d530e65b6e4b1a4d0a11223446e78b94d4dd7db657f48fede05e1d6e
e1f473983c0fd72a542ea1bc830eecea1e2ee62d67b2f1bb455963ad22ec7769
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e524a368fa3b7da146675944a77576cdb2c498673184d1dc5157ebda0df4eded
e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7
ec5a129cf3f2a541423927ce779d4a85dbf647615eeb3c694bc2940fae70fae4
ed48ae9c1a324d49404d9fb4c508b880ca97a65f8fd21d352e241d1e4dfc50e2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef72134da48ff0f5dcc948bd13ab14e28d4d1c8322e71fa2a4796168284b0aef
f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296
f62d52a7ff8957da4c0bb6357b4a9c1550cee0ebd00922d62aca8f4ac13ca63e
fdaf50ba7dfdf74a600dbb9a28a4ebfc536486d8f1e23296d7dfb33d843e1c3b
ff2631e3ff27482f9c7e83d41e5f90cca00fbca2fe749c24fae417bd8735ce09