www.citicards.com
Open in
urlscan Pro
104.108.44.35
Public Scan
Submitted URL: http://l.info12.citi.com/rts/go2.aspx?h=3446669&tp=i-H43-Q3d-RXc-2t9x3h-25-wTJ0-1c-2qSK4w-1Zp29c&x=760185554
Effective URL: https://www.citicards.com/cards/credit/application/flow.action?ID=Invite&app=NPS&invite=760185554&cmp=EMC~01~181015~CARDSA...
Submission: On November 03 via api from US
Effective URL: https://www.citicards.com/cards/credit/application/flow.action?ID=Invite&app=NPS&invite=760185554&cmp=EMC~01~181015~CARDSA...
Submission: On November 03 via api from US
Summary
This website contacted 23 IPs
in 6 countries
across 21 domains to perform 95 HTTP transactions.
The main IP is 104.108.44.35, located in
Amsterdam, Netherlands and
belongs to AKAMAI-AS - Akamai Technologies, Inc., US.
The main domain is www.citicards.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on August 15th 2018. Valid for: a year.
This is the only time www.citicards.com was scanned on urlscan.io!
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on August 15th 2018. Valid for: a year.
This is the only time www.citicards.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 173.213.4.76 173.213.4.76 | 53316 (ASN-CHEET...) (ASN-CHEETA-MAIL - CHEETAHMAIL) | |
| 10 | 104.108.44.35 104.108.44.35 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
| 24 | 52.57.223.117 52.57.223.117 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 1 | 172.227.107.63 172.227.107.63 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
| 23 | 2a00:1450:400... 2a00:1450:4001:81d::2008 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 | 104.66.106.214 104.66.106.214 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
| 1 | 204.79.197.200 204.79.197.200 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) | |
| 1 | 23.210.249.20 23.210.249.20 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
| 1 | 107.23.87.2 107.23.87.2 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
| 1 | 46.228.164.13 46.228.164.13 | 56396 (TURN) (TURN) | |
| 1 | 52.222.161.12 52.222.161.12 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 2 | 2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
| 1 | 172.217.22.98 172.217.22.98 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 | 193.0.160.129 193.0.160.129 | 54312 (ROCKETFUEL) (ROCKETFUEL - Rocket Fuel Inc.) | |
| 6 | 2a00:1450:400... 2a00:1450:4001:824::2002 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 1 | 35.186.234.100 35.186.234.100 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 4 6 | 35.156.61.26 35.156.61.26 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 2 2 | 54.82.158.121 54.82.158.121 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
| 1 | 107.178.254.65 107.178.254.65 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 2 | 104.108.51.30 104.108.51.30 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
| 1 | 147.75.102.200 147.75.102.200 | 54825 (PACKET) (PACKET - Packet Host) | |
| 2 | 2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
| 6 | 2a00:1450:400... 2a00:1450:4001:81c::2004 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 6 | 2a00:1450:400... 2a00:1450:4001:806::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 | 185.31.128.128 185.31.128.128 | 54312 (ROCKETFUEL) (ROCKETFUEL - Rocket Fuel Inc.) | |
| 1 2 | 63.140.43.86 63.140.43.86 | 15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.) | |
| 95 | 23 |
1
173.213.4.76
(New York, United States)
ASN53316 (ASN-CHEETA-MAIL - CHEETAHMAIL, US)
ASN53316 (ASN-CHEETA-MAIL - CHEETAHMAIL, US)
| l.info12.citi.com |
10
104.108.44.35
(Amsterdam, Netherlands)
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-44-35.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-44-35.deploy.static.akamaitechnologies.com
| www.citicards.com |
24
52.57.223.117
(Frankfurt, Germany)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-57-223-117.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-57-223-117.eu-central-1.compute.amazonaws.com
| nexus.ensighten.com |
1
172.227.107.63
(Cambridge, United States)
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a172-227-107-63.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a172-227-107-63.deploy.static.akamaitechnologies.com
| tags.bkrtx.com |
1
104.66.106.214
(Amsterdam, Netherlands)
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-66-106-214.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-66-106-214.deploy.static.akamaitechnologies.com
| stags.bluekai.com |
1
204.79.197.200
(Redmond, United States)
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
PTR: a-0001.a-msedge.net
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
PTR: a-0001.a-msedge.net
| bat.bing.com |
1
23.210.249.20
(Cambridge, United States)
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-210-249-20.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-210-249-20.deploy.static.akamaitechnologies.com
| c1.rfihub.net |
1
107.23.87.2
(Ashburn, United States)
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-107-23-87-2.compute-1.amazonaws.com
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-107-23-87-2.compute-1.amazonaws.com
| sr.rlcdn.com |
1
52.222.161.12
(Seattle, United States)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-161-12.fra54.r.cloudfront.net
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-161-12.fra54.r.cloudfront.net
| vt.myvisualiq.net |
2
2a03:2880:f02d:12:face:b00c:0:3
(Ireland)
ASN32934 (FACEBOOK - Facebook, Inc., US)
ASN32934 (FACEBOOK - Facebook, Inc., US)
| connect.facebook.net |
1
172.217.22.98
(Mountain View, United States)
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s18-in-f98.1e100.net
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s18-in-f98.1e100.net
| www.googleadservices.com |
1
35.186.234.100
(Mountain View, United States)
ASN15169 (GOOGLE - Google LLC, US)
PTR: 100.234.186.35.bc.googleusercontent.com
ASN15169 (GOOGLE - Google LLC, US)
PTR: 100.234.186.35.bc.googleusercontent.com
| tapestry.tapad.com |
6
35.156.61.26
(Frankfurt, Germany)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-156-61-26.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-156-61-26.eu-central-1.compute.amazonaws.com
| t.myvisualiq.net |
2
54.82.158.121
(Ashburn, United States)
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-82-158-121.compute-1.amazonaws.com
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-82-158-121.compute-1.amazonaws.com
| idsync.rlcdn.com |
1
107.178.254.65
(Mountain View, United States)
ASN15169 (GOOGLE - Google LLC, US)
PTR: 65.254.178.107.bc.googleusercontent.com
ASN15169 (GOOGLE - Google LLC, US)
PTR: 65.254.178.107.bc.googleusercontent.com
| pippio.com |
2
104.108.51.30
(Amsterdam, Netherlands)
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-51-30.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-51-30.deploy.static.akamaitechnologies.com
| tags.bluekai.com |
2
2a03:2880:f12d:83:face:b00c:0:25de
(Ireland)
ASN32934 (FACEBOOK - Facebook, Inc., US)
ASN32934 (FACEBOOK - Facebook, Inc., US)
| www.facebook.com |
2
63.140.43.86
(Lehi, United States)
ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: citi.com.ssl.sc.omtrdc.net
ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: citi.com.ssl.sc.omtrdc.net
| metrics1.citi.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 24 |
ensighten.com
nexus.ensighten.com |
205 KB |
| 23 |
googletagmanager.com
www.googletagmanager.com |
717 KB |
| 10 |
citicards.com
www.citicards.com |
416 KB |
| 7 |
myvisualiq.net
4 redirects
vt.myvisualiq.net t.myvisualiq.net |
5 KB |
| 6 |
google.de
www.google.de |
654 B |
| 6 |
google.com
www.google.com |
654 B |
| 6 |
doubleclick.net
googleads.g.doubleclick.net |
7 KB |
| 3 |
rlcdn.com
2 redirects
sr.rlcdn.com idsync.rlcdn.com |
598 B |
| 3 |
bluekai.com
1 redirects
stags.bluekai.com tags.bluekai.com |
1 KB |
| 3 |
citi.com
2 redirects
l.info12.citi.com metrics1.citi.com |
3 KB |
| 2 |
facebook.com
www.facebook.com |
392 B |
| 2 |
rfihub.com
a.rfihub.com 20766698p.rfihub.com |
626 B |
| 2 |
facebook.net
connect.facebook.net |
63 KB |
| 1 |
exelator.com
loadus.exelator.com |
91 B |
| 1 |
pippio.com
pippio.com |
62 B |
| 1 |
tapad.com
1 redirects
tapestry.tapad.com |
444 B |
| 1 |
googleadservices.com
www.googleadservices.com |
9 KB |
| 1 |
turn.com
d.turn.com |
467 B |
| 1 |
rfihub.net
c1.rfihub.net |
7 KB |
| 1 |
bing.com
bat.bing.com |
265 B |
| 1 |
bkrtx.com
tags.bkrtx.com |
10 KB |
| 95 | 21 |
| Domain | Requested by | |
|---|---|---|
| 24 | nexus.ensighten.com |
www.citicards.com
nexus.ensighten.com |
| 23 | www.googletagmanager.com |
nexus.ensighten.com
|
| 10 | www.citicards.com |
www.citicards.com
|
| 6 | www.google.de | |
| 6 | www.google.com | |
| 6 | t.myvisualiq.net | 4 redirects |
| 6 | googleads.g.doubleclick.net |
www.googleadservices.com
|
| 2 | metrics1.citi.com | 1 redirects |
| 2 | www.facebook.com | |
| 2 | tags.bluekai.com | 1 redirects |
| 2 | idsync.rlcdn.com | 2 redirects |
| 2 | connect.facebook.net |
nexus.ensighten.com
connect.facebook.net |
| 1 | 20766698p.rfihub.com |
c1.rfihub.net
|
| 1 | loadus.exelator.com | |
| 1 | pippio.com | |
| 1 | tapestry.tapad.com | 1 redirects |
| 1 | a.rfihub.com |
c1.rfihub.net
|
| 1 | www.googleadservices.com |
www.googletagmanager.com
|
| 1 | vt.myvisualiq.net |
nexus.ensighten.com
|
| 1 | d.turn.com | |
| 1 | sr.rlcdn.com |
nexus.ensighten.com
|
| 1 | c1.rfihub.net |
nexus.ensighten.com
|
| 1 | bat.bing.com |
www.citicards.com
|
| 1 | stags.bluekai.com |
tags.bkrtx.com
|
| 1 | tags.bkrtx.com |
nexus.ensighten.com
|
| 1 | l.info12.citi.com | 1 redirects |
| 95 | 26 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.citi.com |
| online.citi.com |
| online.citibank.com |
| sealinfo.verisign.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| www.accountonline.com DigiCert SHA2 Extended Validation Server CA |
2018-08-15 - 2020-01-02 |
a year | crt.sh |
| nexus.ensighten.com DigiCert SHA2 Secure Server CA |
2018-10-17 - 2020-01-05 |
a year | crt.sh |
| *.bkrtx.com DigiCert SHA2 Secure Server CA |
2018-02-01 - 2019-02-01 |
a year | crt.sh |
| *.google-analytics.com Google Internet Authority G3 |
2018-10-16 - 2019-01-08 |
3 months | crt.sh |
| odc-prod-01.oracle.com DigiCert ECC Secure Server CA |
2018-01-30 - 2019-01-29 |
a year | crt.sh |
| www.bing.com Microsoft IT TLS CA 5 |
2017-07-20 - 2019-07-10 |
2 years | crt.sh |
| *.rfihub.net DigiCert SHA2 Secure Server CA |
2018-03-26 - 2019-03-26 |
a year | crt.sh |
| *.rlcdn.com Go Daddy Secure Certificate Authority - G2 |
2017-05-08 - 2019-06-21 |
2 years | crt.sh |
| *.turn.com DigiCert SHA2 Secure Server CA |
2018-01-03 - 2019-02-25 |
a year | crt.sh |
| vt.myvisualiq.net Go Daddy Secure Certificate Authority - G2 |
2016-12-12 - 2018-12-11 |
2 years | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2017-12-15 - 2019-03-22 |
a year | crt.sh |
| www.googleadservices.com Google Internet Authority G3 |
2018-10-16 - 2019-01-08 |
3 months | crt.sh |
| *.rfihub.com DigiCert SHA2 Secure Server CA |
2016-07-20 - 2019-09-03 |
3 years | crt.sh |
| *.g.doubleclick.net Google Internet Authority G3 |
2018-10-16 - 2019-01-08 |
3 months | crt.sh |
| t.myvisualiq.net COMODO RSA Domain Validation Secure Server CA |
2017-07-05 - 2020-07-28 |
3 years | crt.sh |
| pippio.com COMODO RSA Domain Validation Secure Server CA |
2017-10-23 - 2020-11-15 |
3 years | crt.sh |
| *.exelator.com Go Daddy Secure Certificate Authority - G2 |
2017-05-25 - 2019-06-25 |
2 years | crt.sh |
| www.google.com Google Internet Authority G3 |
2018-10-16 - 2019-01-08 |
3 months | crt.sh |
| www.google.de Google Internet Authority G3 |
2018-10-16 - 2019-01-08 |
3 months | crt.sh |
| metrics1.citi.com DigiCert SHA2 Extended Validation Server CA |
2018-08-31 - 2020-08-30 |
2 years | crt.sh |
This page contains 4 frames:
Primary Page:
https://www.citicards.com/cards/credit/application/flow.action?ID=Invite&app=NPS&invite=760185554&cmp=EMC~01~181015~CARDSACQ~raf~prsp
Frame ID: 64E28E9C4FC4F34F1C9613742628F03E
Requests: 92 HTTP requests in this frame
Frame:
https://stags.bluekai.com/site/63068?ret=html&phint=language%3Den_US&phint=product&phint=event%3D&phint=category%3Dpre-login%20application&phint=page%3DApply%20for%20a%20credit%20card&phint=section1%3Dcards&phint=section2%3Dacq&phint=section3%3Dapplication&phint=section4%3DNewWelcome&phint=productID&phint=__bk_t%3DApply%20for%20a%20credit%20card%20-%20Citi.com&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fwww.citicards.com%2Fcards%2Fcredit%2Fapplication%2Fflow.action%3FID%3DInvite%26app%3DNPS%26invite%3D760185554%26cmp%3DEMC~01~181015~CARDSACQ~raf~prsp&limit=10&r=23816446
Frame ID: 743FF2B91A4362993CDEC7BF320D2284
Requests: 1 HTTP requests in this frame
Frame:
https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
Frame ID: 3A37859804B3F53C34F48B543352935C
Requests: 1 HTTP requests in this frame
Frame:
https://20766698p.rfihub.com/ca.html?rfiidc=639863006170619272&rfiaid=7ac423c6781d43e6ae8a1a83ba4acbfd&ver=9&ra=1526&rb=648&ca=20766698&_o=17169175&_t=cardssitevisitor&ssv_cuuid=&ssv_pagename=applyforacreditcard&pe=https%3A%2F%2Fwww.citicards.com%2Fcards%2Fcredit%2Fapplication%2Fflow.action%3FID%3DInvite%26app%3DNPS%26invite%3D760185554%26cmp%3DEMC%7E01%7E181015%7ECARDSACQ%7Eraf%7Eprsp&pf=&ra=17151521989980822
Frame ID: E97F1EA43E99AE602389A25404E765B5
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://l.info12.citi.com/rts/go2.aspx?h=3446669&tp=i-H43-Q3d-RXc-2t9x3h-25-wTJ0-1c-2qSK4w-1Zp29c&x=76...
HTTP 302
https://www.citicards.com/cards/credit/application/flow.action?ID=Invite&app=NPS&invite=760185554&cmp=... Page URL
Detected technologies
Windows Server
(Operating Systems)
Expand
Overall confidence: 50%
Detected patterns
Detected patterns
- url /\.aspx(?:$|\?)/i
Microsoft ASP.NET
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- url /\.aspx(?:$|\?)/i
RxJS
(JavaScript Frameworks)
Expand
Overall confidence: 20%
Detected patterns
Detected patterns
- env /^Rx$/i
IIS
(Web Servers)
Expand
Overall confidence: 50%
Detected patterns
Detected patterns
- url /\.aspx(?:$|\?)/i
Facebook
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Google Code Prettify
(Miscellaneous)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- env /^prettyPrint$/i
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- env /^google_tag_manager$/i
SiteCatalyst
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- env /^s_(?:account|objectID|code|INST)$/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- env /^jQuery$/i
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
URL: https://www.citi.com/credit-cards/creditcards/CitiHome.do
Title: Citicards.com
Title: Citicards.com
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/JRS/portal/template.do?ID=TermsDisclaimer
Title: Terms & Conditions
Title: Terms & Conditions
Search URL Search Domain Scan URL
URL: https://online.citibank.com/US/JRS/portal/template.do?ID=Privacy
Title: Privacy
Title: Privacy
Search URL Search Domain Scan URL
URL: https://sealinfo.verisign.com/splash?form_file=fdf/splash.fdf&dn=www.citicards.com
Search URL Search Domain Scan URL
URL: https://online.citi.com/JRS/portal/template.do?ID=Privacy#ad-info-external-use
Title: AdChoices
Title: AdChoices
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://l.info12.citi.com/rts/go2.aspx?h=3446669&tp=i-H43-Q3d-RXc-2t9x3h-25-wTJ0-1c-2qSK4w-1Zp29c&x=760185554
HTTP 302
https://www.citicards.com/cards/credit/application/flow.action?ID=Invite&app=NPS&invite=760185554&cmp=EMC~01~181015~CARDSACQ~raf~prsp Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 73- https://tapestry.tapad.com/tapestry/1?ta_partner_id=950&ta_redirect=https%3A%2F%2Ft.myvisualiq.net%2Fsync%3Fprid%3D1001%26ao%3D0%26pruuid%3DTAPAD_%24%7BIDS%3Akey%7D HTTP 302
- https://t.myvisualiq.net/sync?prid=1001&ao=0&pruuid=TAPAD_58d5dda1-dfac-11e8-943c-0a580ad308f6
- https://t.myvisualiq.net/sync?prid=1002&ao=0&red=https://idsync.rlcdn.com/420356.gif?partner_uid=${UUID} HTTP 302
- https://idsync.rlcdn.com/420356.gif?partner_uid=0-130cb583-f454-4b47-8a4d-4cc5bfc4f1f4 HTTP 307
- https://idsync.rlcdn.com/1000.gif?memo=CITUGRIyCi4IARDclAEaJjAtMTMwY2I1ODMtZjQ1NC00YjQ3LThhNGQtNGNjNWJmYzRmMWY0EAAaDQjbm_jeBRIFCOgHEABCAEoA HTTP 307
- https://pippio.com/api/sync?pid=5324&_=2
- https://t.myvisualiq.net/sync?prid=BUKIPNR1&red=https://tags.bluekai.com/site/21398?id=$%7BUUID%7D HTTP 302
- https://tags.bluekai.com/site/21398?id=0-202ac87e-d069-4dd0-a8c2-de854eff6fb9 HTTP 302
- https://tags.bluekai.com/site/21398?dt=0&r=948990256&sig=3623469581&bkca=KJpnEnWN6eD01Wo1+MOwND6h1nwDBDkJ15OB+WQt6ANJ+E9NuDNn16+nLQx9buQn5y==
- https://t.myvisualiq.net/sync?prid=EEAEPNR1&red=https%3A%2F%2Floadus.exelator.com%2Fload%2F%3Fp%3D204%26g%3D1260%26buid%3D%24%7BUUID%7D HTTP 302
- https://loadus.exelator.com/load/?p=204&g=1260&buid=0-c040a22f-1a7c-4e93-a99b-4be22e0fd5ed
- https://t.myvisualiq.net/sync?prid=123&ao=0&red=https%3A%2F%2Fwww.facebook.com%2Ftr%3Fid%3D724424851071342%26ev%3DPageView%26cd%5Border_id%5D%3D%24%7BUUID%7D HTTP 302
- https://www.facebook.com/tr?id=724424851071342&ev=PageView&cd[order_id]=0-3729f874-e3da-4462-ba21-14136169afb0
- https://metrics1.citi.com/b/ss/citinaprod/1/JS-2.0.0/s14341365465102?AQB=1&ndh=1&pf=1&t=3%2F10%2F2018%2021%3A6%3A35%206%200&fid=6E510932FD47E004-36D0EB8A7DEDCE55&ce=UTF-8&pageName=Apply%20for%20a%20credit%20card&g=https%3A%2F%2Fwww.citicards.com%2Fcards%2Fcredit%2Fapplication%2Fflow.action%3FID%3DInvite%26app%3DNPS%26invite%3D760185554%26cmp%3DEMC%7E01%7E181015%7ECARDSACQ%7Eraf%7Eprsp&c.&visitStart=1&.c&cc=USD&ch=CARDS&v0=EMC%7E01%7E181015%7ECARDSACQ%7Eraf%7Eprsp&products=undefined%3B&c1=cards&h1=CARDS%2Fcards%2Facq%2Fapplication%2FNewWelcome&c2=acq&c3=application&c4=NewWelcome&c8=pre-login%20application&c11=en_US&v38=Apply%20for%20a%20credit%20card&c59=jJRSACQ_Invite&c61=21&c63=https%3A%2F%2Fwww.citicards.com%2Fcards%2Fcredit%2Fapplication%2Fflow.action%3FID%3DInvite%26app%3DNPS%26invite%3D760185554%26cmp%3DEMC%7E01%7E181015%7ECARDSACQ%7Eraf%7Eprsp&c64=5%3A06PM&v64=5%3A06PM&c65=Saturday&v65=Saturday&c66=Saturday%7C5%3A06PM&v67=New&v68=1&c73=490004%2C358910%2C354602%2C373773%2C495376%2C495377%2C522572%2C522576%2C542251%2C515853%2C522574%2C552021%2C490141%2C495374%2C574962%2C495375%2C573017%2C551962%2C507276%2C555592%2C454434%2C571630%2C385436%2C572752%2C551970%2C540066%2C512346%2C567637%2C521100%2C531459%2C494437%2C388219%2C458768%2C570646%2C475938%2C572750%2C359218%2C528144%2C488122%2C359214%2C363747%2C486892%2C510670%2C369351%2C553765&v73=medium%7C1600&v78=Yes&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
- https://metrics1.citi.com/b/ss/citinaprod/1/JS-2.0.0/s14341365465102?AQB=1&pccr=true&vidn=2DEF06ED85317BB4-6000011440000184&&ndh=1&pf=1&t=3%2F10%2F2018%2021%3A6%3A35%206%200&fid=6E510932FD47E004-36D0EB8A7DEDCE55&ce=UTF-8&pageName=Apply%20for%20a%20credit%20card&g=https%3A%2F%2Fwww.citicards.com%2Fcards%2Fcredit%2Fapplication%2Fflow.action%3FID%3DInvite%26app%3DNPS%26invite%3D760185554%26cmp%3DEMC%7E01%7E181015%7ECARDSACQ%7Eraf%7Eprsp&c.&visitStart=1&.c&cc=USD&ch=CARDS&v0=EMC%7E01%7E181015%7ECARDSACQ%7Eraf%7Eprsp&products=undefined%3B&c1=cards&h1=CARDS%2Fcards%2Facq%2Fapplication%2FNewWelcome&c2=acq&c3=application&c4=NewWelcome&c8=pre-login%20application&c11=en_US&v38=Apply%20for%20a%20credit%20card&c59=jJRSACQ_Invite&c61=21&c63=https%3A%2F%2Fwww.citicards.com%2Fcards%2Fcredit%2Fapplication%2Fflow.action%3FID%3DInvite%26app%3DNPS%26invite%3D760185554%26cmp%3DEMC%7E01%7E181015%7ECARDSACQ%7Eraf%7Eprsp&c64=5%3A06PM&v64=5%3A06PM&c65=Saturday&v65=Saturday&c66=Saturday%7C5%3A06PM&v67=New&v68=1&c73=490004%2C358910%2C354602%2C373773%2C495376%2C495377%2C522572%2C522576%2C542251%2C515853%2C522574%2C552021%2C490141%2C495374%2C574962%2C495375%2C573017%2C551962%2C507276%2C555592%2C454434%2C571630%2C385436%2C572752%2C551970%2C540066%2C512346%2C567637%2C521100%2C531459%2C494437%2C388219%2C458768%2C570646%2C475938%2C572750%2C359218%2C528144%2C488122%2C359214%2C363747%2C486892%2C510670%2C369351%2C553765&v73=medium%7C1600&v78=Yes&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
95 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
 Cookie set
flow.action
www.citicards.com/cards/credit/application/ Redirect Chain
|
173 KB 71 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
newWelcome.min.css
www.citicards.com/cards/wv/welcome/css/ |
255 KB 41 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-1.12.4.min.js
www.citicards.com/cards/wv/welcome/js/ |
95 KB 33 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Bootstrap.js
nexus.ensighten.com/citi/na_prod/ |
104 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
gen_overlay_find-inv.jpg
www.citicards.com/cards/wv/welcome/img/ |
29 KB 29 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
newWelcome.min.js
www.citicards.com/cards/wv/welcome/js/ |
743 KB 193 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo-art-citi-blue-red.png
www.citicards.com/cards/wv/welcome/img/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
citi_app_sprite.svg
www.citicards.com/cards/wv/welcome/img/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Interstate-ExtraLight.otf
www.citicards.com/cards/wv/welcome/css/fonts/interstate/ |
25 KB 17 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Interstate-Light.otf
www.citicards.com/cards/wv/welcome/css/fonts/interstate/ |
25 KB 17 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
serverComponent.php
nexus.ensighten.com/citi/na_prod/ |
4 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
icons@1x.png
www.citicards.com/cards/wv/welcome/css/images/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
97993a1028912d69f9259bb7d87217cc.js
nexus.ensighten.com/citi/na_prod/code/ |
18 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
100202e9fda547569e56beb63f6c338c.js
nexus.ensighten.com/citi/na_prod/code/ |
144 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
98166772f77e3586e69e7a9e729677fc.js
nexus.ensighten.com/citi/na_prod/code/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
64182e4b64964693cf659a7fad2596fd.js
nexus.ensighten.com/citi/na_prod/code/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
021178fa791ec729d0e0c5413bcf078d.js
nexus.ensighten.com/citi/na_prod/code/ |
197 KB 63 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
b47e353825f7d4c4473ca21a564a7e72.js
nexus.ensighten.com/citi/na_prod/code/ |
21 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
a745579ee57a6f52383f9e59116ffad9.js
nexus.ensighten.com/citi/na_prod/code/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
8a3f17038e94d546789f149681ae2762.js
nexus.ensighten.com/citi/na_prod/code/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
3517a48b9e857719580ab0006a6e5650.js
nexus.ensighten.com/citi/na_prod/code/ |
2 KB 1004 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
27601650ffb6860837cd280a2905cab7.js
nexus.ensighten.com/citi/na_prod/code/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
52f27aa581743566d9926acf86b2a403.js
nexus.ensighten.com/citi/na_prod/code/ |
125 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fab64d03c0215a7d0dfb531409cbec7c.js
nexus.ensighten.com/citi/na_prod/code/ |
1 KB 714 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
9f289c4ebe766931564ecfc7f94bda4b.js
nexus.ensighten.com/citi/na_prod/code/ |
42 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
0ddfbb373b80c35ab1042f6fbd67c363.js
nexus.ensighten.com/citi/na_prod/code/ |
7 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
22e4c9662c8a60a7d783e5276645b548.js
nexus.ensighten.com/citi/na_prod/code/ |
98 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
15dc575587fd5d8993fb316b71e6c8e2.js
nexus.ensighten.com/citi/na_prod/code/ |
15 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
adb5d23a99dcfd585be8874dcb043b2d.js
nexus.ensighten.com/citi/na_prod/code/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
1612dca9fcae10201880e99f97c45ce2.js
nexus.ensighten.com/citi/na_prod/code/ |
2 KB 981 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
b3715c14e0410ea39474cc3a874ae1f9.js
nexus.ensighten.com/citi/na_prod/code/ |
15 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dc13aafad88956d38224208751c4071f.js
nexus.ensighten.com/citi/na_prod/code/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
0527651ea70d11a30413dba9f5110853.js
nexus.ensighten.com/citi/na_prod/code/ |
1 KB 895 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ff4cc491fc31e6e470cb400cb8e497a8.js
nexus.ensighten.com/citi/na_prod/code/ |
20 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bk-coretag.js
tags.bkrtx.com/js/ |
31 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
63068
stags.bluekai.com/site/ Frame 743F |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
0
bat.bing.com/action/ |
0 265 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tc.min.js
c1.rfihub.net/js/ |
20 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
425466.html
sr.rlcdn.com/ Frame 3A37 |
0 0 |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
pageName=jJRSACQ_Invite,prodID=undefined
d.turn.com/r/dd/id/L21rdC8yMy9jaWQvMTc0Nzk0Njg2Mi90LzI/kv/ |
43 B 467 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
vt-70.js
vt.myvisualiq.net/2/0Litz8CpLo%2BILImaLwNgtw%3D%3D/ |
9 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
fbevents.js
connect.facebook.net/en_US/ |
73 KB 24 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
conversion_async.js
www.googleadservices.com/pagead/ |
23 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
idr.js
a.rfihub.com/ |
82 B 626 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/959299794/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/960621875/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/916451471/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/959299794/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/960621875/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/916451471/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
998480723620054
connect.facebook.net/signals/config/ |
167 KB 39 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sync
t.myvisualiq.net/ Redirect Chain
|
43 B 300 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
sync
pippio.com/api/ Redirect Chain
|
0 62 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
21398
tags.bluekai.com/site/ Redirect Chain
|
62 B 527 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
loadus.exelator.com/load/ Redirect Chain
|
91 B 91 B |
Image
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sync
t.myvisualiq.net/ |
43 B 300 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
tr
www.facebook.com/ Redirect Chain
|
44 B 294 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
www.google.com/pagead/1p-user-list/959299794/ |
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
www.google.de/pagead/1p-user-list/959299794/ |
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
www.google.com/pagead/1p-user-list/916451471/ |
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
www.google.de/pagead/1p-user-list/916451471/ |
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
www.google.com/pagead/1p-user-list/960621875/ |
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
www.google.de/pagead/1p-user-list/960621875/ |
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
www.google.com/pagead/1p-user-list/959299794/ |
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
www.google.de/pagead/1p-user-list/959299794/ |
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
www.google.com/pagead/1p-user-list/960621875/ |
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
www.google.de/pagead/1p-user-list/960621875/ |
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
www.google.com/pagead/1p-user-list/916451471/ |
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
www.google.de/pagead/1p-user-list/916451471/ |
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Cookie set
ca.html
20766698p.rfihub.com/ Frame E97F |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
s14341365465102
metrics1.citi.com/b/ss/citinaprod/1/JS-2.0.0/ Redirect Chain
|
43 B 744 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
www.facebook.com/tr/ |
44 B 98 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
129 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| bundle boolean| isResponsive string| siteId string| pageDef string| screen_id string| app_id string| sc object| ieHtml5Els function| $ function| jQuery function| $jq function| getParentLocation function| isSelfLoc function| isXFSWhiteListed string| parentLocation boolean| XFSWhitelisted string| domainName string| JFP_CSRF_TOKEN_AO object| OBJ_JFP_CSRF_TOKEN boolean| isCSRFAutomationEnabled function| isValidDomain function| isValidUrl string| prodId string| prspectId string| appId string| businessTypCd string| prodType string| appType number| randomddvar string| BankDigi boolean| fundVerifReq string| securePh2Fallback string| po string| isAvoka object| citiData object| eventGroup string| eventList object| ensBootstraps object| Bootstrapper boolean| fallBackZip object| validationOptions string| topDM function| impValueCheck function| impValueRadio function| PasswordMeter boolean| maskFlag object| blurring boolean| iOS string| titleAttr function| initNavMenu function| formValidation function| editForm function| cancelForm function| showForm function| saveProgress function| hideForm function| toggleAllMenus function| menuTopClick function| menuTopKeyPress function| menuChildKeyPress function| expandMenu function| collapseMenu object| jQuery19105255177335507744 object| respond function| ZeroClipboard boolean| PR_SHOULD_USE_CONTINUATION function| prettyPrintOne function| prettyPrint object| PR function| Picker function| bk_async object| val object| eventEncodingUtils object| _detector object| tags object| BKTAG function| bk_addUserCtx function| bk_addPageCtx function| bk_addEmailHash function| bk_addPhoneHash function| bk_doJSTag function| bk_doJSTag2 function| bk_doCarsJSTag function| bk_doPartnerAltTag function| bk_doCallbackTag function| bk_doCallbackTagWithTimeOut boolean| bk_use_multiple_iframes boolean| bk_allow_multiple_calls object| google_tag_manager object| dataLayer object| local_params function| gtag function| _rfi function| fbq function| _fbq string| sName function| s_getLoadTime function| AppMeasurement function| s_gi function| s_pgicq function| c_r function| c_rspers function| c_w object| s_c_il number| s_c_in object| s number| s_loadT number| s_objectID number| s_giq function| extend function| RocketfuelBCPInclude function| RocketfuelBCPClass function| RocketfuelUtils object| RocketfuelBCP function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| __core-js_shared__ object| viqjson object| visualiqtag string| scEvents object| rs string| r object| rx number| d object| eo number| y string| s_tnt object| s_i_citinaprod5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .citicards.com/ | Name: _cls_v Value: 4c776535-562f-4441-9c09-02cf0b492364 |
|
| www.citicards.com/ | Name: 7830 Value: error |
|
| .citicards.com/ | Name: _cls_s Value: 013ec0e8-0452-4011-938d-802e90c39db2:0 |
|
| www.citicards.com/ | Name: 7018 Value: |
|
| www.citicards.com/ | Name: JSESSIONID Value: 0000XZF-7djSEI3jYIPsufhV8Dm:1922acq3 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Content-Security-Policy | Frame-Ancestors 'self' https://sit01.disputes.citi.com https://disputes.citi.com |
| X-Frame-Options | Allow-From https://sit01.disputes.citi.com https://disputes.citi.com |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
20766698p.rfihub.com
a.rfihub.com
bat.bing.com
c1.rfihub.net
connect.facebook.net
d.turn.com
googleads.g.doubleclick.net
idsync.rlcdn.com
l.info12.citi.com
loadus.exelator.com
metrics1.citi.com
nexus.ensighten.com
pippio.com
sr.rlcdn.com
stags.bluekai.com
t.myvisualiq.net
tags.bkrtx.com
tags.bluekai.com
tapestry.tapad.com
vt.myvisualiq.net
www.citicards.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.108.44.35
104.108.51.30
104.66.106.214
107.178.254.65
107.23.87.2
147.75.102.200
172.217.22.98
172.227.107.63
173.213.4.76
185.31.128.128
193.0.160.129
204.79.197.200
23.210.249.20
2a00:1450:4001:806::2003
2a00:1450:4001:81c::2004
2a00:1450:4001:81d::2008
2a00:1450:4001:824::2002
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
35.156.61.26
35.186.234.100
46.228.164.13
52.222.161.12
52.57.223.117
54.82.158.121
63.140.43.86
00fa65c9c11492f14cbbd02c018540eeabb315a58afe006043a386e642840e5a
068ba5e4927f60bf480fb4c551ec03d538eb04ba2dc37409f8e8d766a7f708c6
08f2f8d098743e4e141f9f85e154ad60fa5c106ae0df0284e797b87854a40fef
08f72f766e37109e5a511ae1db59abacf880622c1a30b440fd79e266b9f2c830
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0e737f7330f332984f1e364e269cb02452eca60b2352e555c33549910464c8fc
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1b19c5b1281d01c55d41ef14b2d4aef92eb8e4f49b4c31ed6b89450a5b310318
1cc5869db900d2a4e68a54608f4a94316776fb6cbb64d7a44facd3eb28f4e37c
1d1ce1175578b594a10d232b9bc5eb04c9514f9a58d6f23a6ba21519d619058b
2524d357ef6e465ff8d48ab535fa7e235ff78b640af33852c280a45b1ee869b2
2564671093e997a2d61ae58be93dd7c5e632dd6473289eb8d26b9978a6a5a608
27d92130c0321dad5a03760fd5ac98a3d04ed4c94d88418fe6d50da1f7fc5cbe
2c4354f7001989938a54555a0a2ca0d66eac95fa7c2cc8855edbb2d62a1da5b0
2c7b95e516f24a2da447755f07b107bd8566745dc36322a1419ef92662019cf6
2ef33aac9924bb27db6c04096ba4a956b57ea44899206cba00804ae60103d1fe
31fe83a5f643af5c800b80a4da7bccc39d1693f24e67960c8d0af89d61c887d3
41ef005fe7c1f669082a323e77a41373fab42d42a922e3b9ee5696d8a7d85c60
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4bd68ef9789b7782f69134258eefca2fedfd90bb4285ea448190c3acfb65d77f
518a52a0f1925b68bd60870297c00be6fc89a614c421881eb52999d36cf5f50c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58c7692735bb423227ed8d06272a168c768fbe98dce050af3033663950928cad
60340ee9f67e0ba4879757ce19457447ec2a7904f093ad83bd2009532836f76c
61eb29759b2e81e483baa333bbdeb55729898217f3d8235e0f894e2440e283e4
65ac64fbbbdf2e748669e3f76d2bceee953e5ee88ed74eb54b0b3c0148feff52
6b758d82e51763f2a648a01d81264a1b1f09c7b2ca2a08b8e439710e60ee1e11
6e8aa099376459830d295cba8264ffadb98343db5539af204925bf6932a0ed45
700bb7cf85c4e176f2de548eb6f7ccf0bad6ea3c0ea6d1f443f627f27a2baa9f
7468e3cef1c673ea9012475ba5db87752cdd0649b495575a50aa52ddebda97f3
774e92855bff222c9b247801c10caee3caad6d037b602e64cb59ee539bea1af4
7a8cb27341741393d8567654e8b48684df3fe14cbc0f82323697b440850dd7f7
7bfe7f419e6ffc6504a329c086fc76b7c8b10681fd9aebad3497635bdba476a3
7caeed862e1fdf2d99ab4114e11e5138c3b87a66ef1d104197d778a5f3f1009e
7d32d255d2369bd24843bbdd28c46b3d4e5c6f5c27c99c799d76ba86684949b7
80531619185017975397b5510d8a113a6ab4a05f88e3be15a6992171622e3035
8053b2bb967cdd37dcd06ad44bf29c64fa76e9aa40e79d2d4f5edf3b796b33e4
864c13b3088dc7a9be0c219b1ae5791b8f6dcea9d1ad2e6b4e36fe0d28d59fc8
8ba862d36a2bace6486c255d0684fd89d2d7ad13f69744cbdf26c362e2ca28e6
8daa6496d5efc075ac33478301c7e9d02e37d20a557fbad04c01c892023cacdf
92885c3eeb1b67b86f6310119eaff2bd31156aa72a58c79ece0c947e1ded44bc
9dc68dae16e644c04a2f4eecb8acc7e70796f202626771d535e88b83bcdedf83
9df60fb9744a6ccb9d6293a757171fe61e72daf364a7e3001f6430c69c5af89c
9f26e9969efb622e3b704a8cb4de5888ec2959a2640aa04c12447ce7504fa871
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
abeb901632fcf757ba233d0b84c224b9d5ab9aa18bcf8beab1d4e5515624ccd5
acc8c0006c9c4e6d3e7171389dd97eef1c1ae6dab0c0f13dd1b069c7e76ec5a6
b110b89a81f750cb13695e69a2860473b295e6e3c7ecaaadde4f867b0aa18b2b
b786b8b06328b1a2648a169daec52afee81c183464b2de82077e6a726cb0c6e3
b7b2cd5e84ad1672fe01e5074015cd54b1ee350ea8417ac8835f0740e8bb1531
b8b8d53fd35ecfed00ef746023ae1ca05a849e67c24edf86d64219ab5f413b1d
bd198c3d4cbe10de97c9059b07a66acfd526cb9d3b4fce8dee690195ab756388
c0abb0da38ca7e1413f5e2f96dcfeaaa6437dcdb81a6db52d5bb060a8bdc62b9
c370231e69ffa7499c080b938a320ebe1113746a675ecb218a3055e1fa01eb84
cb2bb21705b9cce9781d02c9223f3344a65bd5314027d11c5a8518ad4bd84e84
d13863ae06b18099dc7df663460cf243033ad26e9d9673e206c457aeec45b1ba
d17ea7f38ba0acd5b1dfc4131655626a2353277fe99c97936765e4f6ae55a56c
d401e67c2deb51bbe05904960628e497e25ebfce6808ccbfef70c0632b415d7f
dd46b817054278b83168b3511bea90400f5cf687d930b64b817f02f567fd3fff
ddd7e59a2380347c5df0a161e3212db8747e86eb4eea514a781d6957008e301d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d68d9fcde1fd9148c90d3892c9a69ba517c7318a034845e216f2c0005d4403
e7ac132a6c9e42e1d9e5bedab82b186a06f40ca17afd1be4d3a11b736e17f809
e9ca065ac71d21cd53463b3f9ba791c4dbc131470af6fb05f3ec735965ad9ff9
ec57bb87aa08373685aaa811b45d0898dcf492d269192cbbbcaa318e2eb58d0e
eca17c5e10e24caa55225fc490c63cce6fd9cddfbbb44e5b676681e894b6ad25
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1efe399167b58d8bfddbfb44b207a965fe134719209c256d2f4b76967629aef
f530249dd1d5b8b1d23d7a2860924d2ceb88f9d2c9f7df785be17f3abb1c560b
fa2d499915cc9d27d3ed17f446d25a0fe5068ef7623e03f7ff274ca5cc20650b
faecabb33a8ca6b3a0a64150c8233b4a70a41b20b438f89a50630f35c483086c