urlscan.io logo urlscan.io
SecurityTrails logo

citigroups.com.sg Open in urlscan Pro
2606:4700:3035::6815:59c0  Public Scan

Go To Rescan Add Verdict Report
URL: https://citigroups.com.sg/
Submission Tags: @phishunt_io
Submission: On November 23 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 10 domains to perform 37 HTTP transactions. The main IP is 2606:4700:3035::6815:59c0, located in United States and belongs to CLOUDFLARENET, US. The main domain is citigroups.com.sg.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 23rd 2021. Valid for: a year.
This is the only time citigroups.com.sg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

15    2606:4700:3035::6815:59c0 (United States)

ASN13335 (CLOUDFLARENET, US)
citigroups.com.sg
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
10    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2606:4700:3033::ac43:9d91 (United States)

ASN13335 (CLOUDFLARENET, US)
static-cdn.edit.site
1    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
img.youtube.com
1    2606:4700:3031::ac43:8303 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.plyr.io
1    2a00:1450:4001:82f::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
2    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
1    2a04:4e42:200::645 (United States)

ASN54113 (FASTLY, US)
noembed.com
Domain Requested by
15 citigroups.com.sg citigroups.com.sg
10 www.youtube.com citigroups.com.sg
www.youtube.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
1 noembed.com citigroups.com.sg
1 static.doubleclick.net www.youtube.com
1 i.ytimg.com citigroups.com.sg
1 cdn.plyr.io citigroups.com.sg
1 img.youtube.com citigroups.com.sg
1 static-cdn.edit.site citigroups.com.sg
1 fonts.googleapis.com citigroups.com.sg
0 rest.siteplus.com Failed citigroups.com.sg
37 12

This site contains links to these domains. Also see Links.

Domain
citionline.myds.me
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-11-23 -
2022-11-22		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
noembed.com
R3		 2021-11-07 -
2022-02-05		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://citigroups.com.sg/
Frame ID: C0AFB038D0CD55FB83053F9980F77ED7
Requests: 26 HTTP requests in this frame

Frame: https://www.youtube.com/embed/TORbo9BRCg0?autoplay=1&controls=0&disablekb=1&playsinline=1&cc_load_policy=0&cc_lang_pref=auto&widget_referrer=https%3A%2F%2Fcitigroups.com.sg%2F&autopause=0&color&fs=0&iv_load_policy=3&rel=0&showinfo=0&playlist=0&resetOnEnd=1&mute=1&origin=https%3A%2F%2Fcitigroups.com.sg&modestbranding=1&enablejsapi=1&widgetid=1
Frame ID: 892BF76FE1C904DCC97190CE7B187C8D
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Citi Groups of Companies98all

Page Statistics

37
Requests

92 %
HTTPS

100 %
IPv6

10
Domains

12
Subdomains

12
IPs

2
Countries

2537 kB
Transfer

5632 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
citigroups.com.sg/ 		69 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://citigroups.com.sg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:59c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1a2954ac378575152ba2b7528c507f17b75797c73ee24131e3e68dbf506208f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 23 Nov 2021 03:55:42 GMT
content-type
text/html
last-modified
Wed, 06 Jan 2021 05:52:39 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ki5xNhyb%2BCjFeJBIHPDTJ46ZD3FI9TttP%2FunvCPcJ%2FebCYYx1p2%2FTukWvN9EzHTH%2BrZtnb1AIxrs%2BtKmo58%2Fxxjw5MqZdXsQU9CLUWJUh48aqqhj7Mjtkww%2FsJd7%2B6IBP10aLvcrq440L41tGytC3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b2776a30dfb5a3d-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
publish.css
citigroups.com.sg/bundle/publish/v0.1.34/ 		487 KB
113 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://citigroups.com.sg/bundle/publish/v0.1.34/publish.css
Requested by
Host: citigroups.com.sg
URL: https://citigroups.com.sg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:59c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4903aa3a2d742a0dd6ebbf3ec404210d85eb9ad44f773695259bb285992ccbc1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://citigroups.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 03:55:44 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 06 Jan 2021 05:52:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fqGn5%2BuIrezXqKYdve6OtsPF8XQwg8RFTDPmdZtB3Sf8KfcBKLAO%2FdxUT0vJHo0QDus7nUjG6tNd80%2BcYDBHQVcQTIwlc7%2FMDiqyqL34UpKJcFmSYu3LaF%2BszDc4iYarK85uY6M%2F0Hj1AKJiI6BZzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b2776a86c8b5a3d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 30 Nov 2021 03:55:43 GMT
c324202e-9563-4c3f-8d11-3121706a02b9.css
citigroups.com.sg/styles/ 		53 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://citigroups.com.sg/styles/c324202e-9563-4c3f-8d11-3121706a02b9.css
Requested by
Host: citigroups.com.sg
URL: https://citigroups.com.sg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:59c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3dd5938067b676658360e4b4813222f9703f765c6008d01d85c71584c74994b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://citigroups.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 03:55:43 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 06 Jan 2021 05:52:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jm8HykXM8xO7cTNvbblPZ1VfSyZvds5TJ%2BsCMozhHY4Uhjb4w5PPKS3tO7v7ptYIbWtgM3blmyJIl6PM36GVzNUNPKLxhGHFASko1v8dhXLRFrmeLMFsptwMsaqae7wM7kHSUimCjF6igyD6uTS8yA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b2776a86c8e5a3d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 30 Nov 2021 03:55:43 GMT
css
fonts.googleapis.com/ 		16 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lora:300,400,500,600,700%7CPT+Sans:300,400,500,600,700%7CRoboto:300,400,500,600,700%7Cdisplay=swap
Requested by
Host: citigroups.com.sg
URL: https://citigroups.com.sg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4c509c25dbeaf690a83662f5f3deec9f0a5f4b321139faa32eb2b39347b45c2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://citigroups.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 23 Nov 2021 03:55:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 23 Nov 2021 03:55:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Nov 2021 03:55:42 GMT
citi-logo-final-1-8.png
citigroups.com.sg/__static/c7aaa1dfa1417818545c101f7d2018c4/ 		250 KB
250 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citigroups.com.sg/__static/c7aaa1dfa1417818545c101f7d2018c4/citi-logo-final-1-8.png
Requested by
Host: citigroups.com.sg
URL: https://citigroups.com.sg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:59c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbccf8ddb9b0ce017a2192328cd5de474124243e3f8b5f575869f5e94bed674b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://citigroups.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 03:55:43 GMT
cf-cache-status
MISS
last-modified
Wed, 06 Jan 2021 05:51:13 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K8JjRKzuAWd7dq5Iulk%2B4%2FtjDYQPhKh5z0ls0iBBd5sRVbPNFA95bs6qJTG2MgXyZaL1KN%2F%2F%2BaxAfQkPD4WGhDPHR1Y6s0wrTUYUMZn%2F%2B8kDXlss5JLx6wGT6tDgOaNanceA%2FRqVW480Uj%2F1uYuXBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6b2776a86c8f5a3d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
255620
expires
Tue, 30 Nov 2021 03:55:43 GMT
vendors.js
citigroups.com.sg/bundle/publish/v0.1.34/ 		493 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://citigroups.com.sg/bundle/publish/v0.1.34/vendors.js
Requested by
Host: citigroups.com.sg
URL: https://citigroups.com.sg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:59c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88fe4d9449e5ccdd57752c69c81257726d694411210b58456efe0b6cb677781a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://citigroups.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 03:55:44 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 06 Jan 2021 05:52:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uwmeJumNuWD1pxnylQTPUYgxahltv9AjXp%2FXvQuTBouYpdIh05rLB5%2Fb3BoMKY%2F0rVAYCQDFtATJpaHcA6zEe%2BS2ClEHyO7Rlz9YBVNLmoE%2BxhXqX4%2FQJ70nbv6sFVHIYkJ60413sJch3jS05keIxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b2776a9ebab374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 30 Nov 2021 03:55:43 GMT
bundle.js
citigroups.com.sg/bundle/publish/v0.1.34/ 		201 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://citigroups.com.sg/bundle/publish/v0.1.34/bundle.js
Requested by
Host: citigroups.com.sg
URL: https://citigroups.com.sg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:59c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
462089b8e5dd463f2cbcc5f1d610a9d6e115e1210900909e5603bee4ad798a98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://citigroups.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 03:55:43 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 06 Jan 2021 05:52:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E6Ak8zlULjW8nNKEyOSQS8U%2BYo7A2f56Wq7sX4xaz%2F%2BmPqM94xuP5RH5VSeudrDrzkfcQhK189QR72IxgzSd4PNuLdlpAyr0ge2%2Fovyw3a%2FDn%2Brr%2Fc7wPbozfLQnECkEt0FfMfTniQu8LsWHny17Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b2776a9ebae374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 30 Nov 2021 03:55:43 GMT
truncated
/ 		469 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
afca3738edf09ebbd03dba910150f54fa1371b57ac5c40aafaf76f958f7c90c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v20/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lora/v20/0QIvMX1D_JOuMwr7Iw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora:300,400,500,600,700%7CPT+Sans:300,400,500,600,700%7CRoboto:300,400,500,600,700%7Cdisplay=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef7da2ea9165f4486462c7f1dccddb7485e6a1922d220a1c393a8fa7214829fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://citigroups.com.sg
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 20:20:54 GMT
x-content-type-options
nosniff
age
459290
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35440
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:00:32 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 17 Nov 2022 20:20:54 GMT
global.svg
citigroups.com.sg/bundle/publish/v0.1.34/svg/ 		58 KB
21 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://citigroups.com.sg/bundle/publish/v0.1.34/svg/global.svg
Requested by
Host: citigroups.com.sg
URL: https://citigroups.com.sg/bundle/publish/v0.1.34/bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:59c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a5f4822f7c3e74c110009d6ace99f92a1236c32c6c5ceb84057d24bb681e1fe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://citigroups.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 03:55:45 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 06 Jan 2021 05:52:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BJ%2FrS4cHDyerMjwdXeeyUjq2jYgGtKaRRpE4226f6lxhfPxML2GAgui8nMBBMCbCgd9sO%2BbBHhbzyeYBSWn762kycYZQlVFFiSe3xC1g6fYweoKEYfL9IazYI1mxSdfnx0JquebPG6mO5Ui07OHgPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b2776b4ee57374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 30 Nov 2021 03:55:45 GMT
templates.svg
citigroups.com.sg/bundle/publish/v0.1.34/svg/ 		92 KB
36 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://citigroups.com.sg/bundle/publish/v0.1.34/svg/templates.svg
Requested by
Host: citigroups.com.sg
URL: https://citigroups.com.sg/bundle/publish/v0.1.34/bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:59c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b29465d75cc1d3e0a2b79873e66caad7d2fd4486c23e2d789d211b92c889fc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://citigroups.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 03:55:45 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 06 Jan 2021 05:52:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rLgHWsRObxsHaEuUZbgzAX0XBzB8U%2Fqk04BbP8FnRMEdvzmdU6ebxbvwJ%2BCt8mj0DgCyUeCVma67TSDTy4v1Su54P3rLsDsPJc%2BFvLMkrdMexXO2iYZEKHMqnpbUFgBhPOAF7Dg5hYwft0ShHyZN8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b2776b4ee58374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 30 Nov 2021 03:55:45 GMT
publish.svg
citigroups.com.sg/bundle/publish/v0.1.34/svg/ 		74 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://citigroups.com.sg/bundle/publish/v0.1.34/svg/publish.svg
Requested by
Host: citigroups.com.sg
URL: https://citigroups.com.sg/bundle/publish/v0.1.34/bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:59c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32a158e3b767ed07ddffb9f72425b91db8de1f48018c59fb580c9a84858a6aea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://citigroups.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 03:55:45 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 06 Jan 2021 05:52:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mlO31u8bzFxzhYKoWoqGutEY%2FKRKoVcbreH9Wq4p%2FKDvxZEhBXM%2FJ7oxvcQhxEHY7hNtH381OkV8JcJzp6ewqu5JylmzaTUEqFJMj6vM0u%2BeUhSXuBegemx2qM5G6ITttg3ZhnbWlZhi4aHCc0FgIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b2776b4ee59374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 30 Nov 2021 03:55:45 GMT
icons.svg
citigroups.com.sg/__static/ 		102 KB
37 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://citigroups.com.sg/__static/icons.svg
Requested by
Host: citigroups.com.sg
URL: https://citigroups.com.sg/bundle/publish/v0.1.34/bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:59c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f509a9eddfaba10e9b1b276429b8a062c2432bb6e4fa5eee1b0a268ad41f9b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://citigroups.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 03:55:45 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 06 Jan 2021 05:51:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H3MVTgGzihsUoaqmkk0faQsjc662z0jQtGRU2e%2FKrdMSNctheCjn0A3ImKV1WR9rHCYytUTTK0TCba4J5r%2BV6Ug%2BWJx9FCAwxkBRzQPjBtGlTEMJ0DO5rKD4b14FghHuMhSEGAQpMJTwNuRmzvHf5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b2776b4ee5a374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 30 Nov 2021 03:55:45 GMT
iframe_api
www.youtube.com/ 		980 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: citigroups.com.sg
URL: https://citigroups.com.sg/bundle/publish/v0.1.34/vendors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8ed8559eafe8597f61267ae4f8e80be88c3876caa8e6418a5855dc0b43314eeb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://citigroups.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 03:55:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
expires
Tue, 23 Nov 2021 03:55:44 GMT
4.json
static-cdn.edit.site/resellers-settings/ 		627 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static-cdn.edit.site/resellers-settings/4.json
Requested by
Host: citigroups.com.sg
URL: https://citigroups.com.sg/bundle/publish/v0.1.34/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9d91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29b6e4cd529b8a0453e350c1ed4f2561d3b9c3f4cabe7ab6d7ae3192c6690af9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://citigroups.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash
crc32c=fugCzQ==, md5=6U/YdoN2DGRgevAyfadUeA==
date
Tue, 23 Nov 2021 03:55:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1867
x-guploader-uploadid
ADPycds6pxbkLL9E-pyXNb5AK3XItVPTRfFcEbYe6CG9WgEaNAehKZsFzYFCRsgkc_BQ-WkidqSHLWnHJe4sjc9SWs0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 09 Sep 2021 07:11:30 GMT
server
cloudflare
etag
W/"e94fd87683760c64607af0327da75478"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lrg4jV6ms%2Bo4YHjyz36tK5tk4j%2BcOIcLRULyW88zxthkNA7RsFiG%2FMkCzwMWS4nmllKHa8qAGhOIB9cxzAhC8mar4nEZ6yy62WmqLbapwtPtjqC5RkbWVvV0p7TAG%2BYmfnglQhQDJ5wQozGuLSs8VHbqWg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1631171490259469
access-control-allow-origin
*
content-type
application/json
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600, no-cache, no-store, must-revalidate
x-goog-stored-content-length
627
cf-ray
6b2776b5597a0f52-MXP
expires
Tue, 23 Nov 2021 04:24:37 GMT
maxresdefault.jpg
img.youtube.com/vi/TORbo9BRCg0/ 		110 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/TORbo9BRCg0/maxresdefault.jpg
Requested by
Host: citigroups.com.sg
URL: https://citigroups.com.sg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
405cd2477df9f99ab46ac40f15b636910ab7620ac8f62c503e2aac9224daad42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://citigroups.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 01:57:31 GMT
x-content-type-options
nosniff
age
7093
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112905
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 23 Nov 2021 03:57:31 GMT
blank.mp4
cdn.plyr.io/static/ 		2 KB
3 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.plyr.io/static/blank.mp4
Requested by
Host: citigroups.com.sg
URL: https://citigroups.com.sg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8303 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5747997d80825cbafcdbe5ab97d7b5502c06b1aae85fed9610845348b3da4d98

Request headers

Referer
https://citigroups.com.sg/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 23 Nov 2021 03:55:44 GMT
via
1.1 varnish, 1.1 varnish
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7756560
x-cache
HIT, HIT
Content-Range
bytes 0-1776/1777
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
3PGNGQ8S8FJV2JX2
x-amz-id-2
ae854UCnRC64CkwRXsNEJ9OYmorQzJQUrRBrekFP2yJa6BhThCpZsRq4siBA6KZjtAhSmG34YT4=
x-served-by
cache-dca12922-DCA, cache-mxp6939-MXP
last-modified
Wed, 14 Nov 2018 10:16:31 GMT
server
cloudflare
x-timer
S1629883185.693271,VS0,VE0
etag
"08fc2557b6c938f1a251e59b016e90e2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FS7KDTMpDn%2Fs1tpzNRo5VlzYqQKnUO6qJ3L4%2FTY%2BI7bhn0lF%2Fw5pY6Gs9uGNZFa45QYUcQp%2FE9SvIej6g50%2B23oJ07aok8Ks8GbjV70CsP9fJySfUyBZRC1ixwXUu2M9nfcj8DvoGxFdgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
cache-control
max-age=31536000
Content-Length
1777
cf-ray
6b2776b56db80e06-MXP
x-cache-hits
1, 1
citi-groups-of-companines-title-and-logo-final(2).png
citigroups.com.sg/__static/c55bdd452f5f172a18007704285920b6/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citigroups.com.sg/__static/c55bdd452f5f172a18007704285920b6/citi-groups-of-companines-title-and-logo-final(2).png
Requested by
Host: citigroups.com.sg
URL: https://citigroups.com.sg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:59c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
209fc8cbb9d605326098a35c84784888f1daae9f559b159e701d03cd3822cd6c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://citigroups.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 03:55:46 GMT
cf-cache-status
MISS
last-modified
Wed, 06 Jan 2021 05:51:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qbyMj7qgzCX4%2FzFOLSfkt06sK4RFN9lPshf8KuJDnstqJLC49PmmWhOT53Vy3ciLlhfh%2FmA3EU1WGJsRtUz1lK%2F3GdkRE%2FHjrNOts9hARVfUlPWiljlbjQAS7lCr%2BCjVfICH3%2BrYtMsz2lm6BYKWmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6b2776b51ea1374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
42951
expires
Tue, 30 Nov 2021 03:55:45 GMT
citi-words-2.png
citigroups.com.sg/__static/6c1059f986017e07f9e638d04f004dff/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citigroups.com.sg/__static/6c1059f986017e07f9e638d04f004dff/citi-words-2.png
Requested by
Host: citigroups.com.sg
URL: https://citigroups.com.sg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:59c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
705a6dcca7e670e3becb10d554648d8af9bbfda6f43f38184a69d729c74851a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://citigroups.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 03:55:46 GMT
cf-cache-status
MISS
last-modified
Wed, 06 Jan 2021 05:51:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7FRI72FzqBgstuUTR2zmKGSLdGjN%2FiPKOOs%2BY%2B0j3OEyH8DA93L5Zz2j0k6e8rJDIZKTU2cTu%2Bsyu13YTdxWx%2B7sKWsl3gVvzdHT87xAsGf5QRUIogZXi9DjJA7D689EBZaLKgO3GyF%2FWx0Z6qURPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6b2776b51ea4374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
51040
expires
Tue, 30 Nov 2021 03:55:45 GMT
building.jpeg
citigroups.com.sg/__static/e9b36ab085a963d3d29b9354188a9fbf/ 		357 KB
358 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citigroups.com.sg/__static/e9b36ab085a963d3d29b9354188a9fbf/building.jpeg
Requested by
Host: citigroups.com.sg
URL: https://citigroups.com.sg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:59c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad3c5bc75bb2636489a39dadd67ac76271bce735075b0e9798022312143bb6bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://citigroups.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 03:55:46 GMT
cf-cache-status
MISS
last-modified
Wed, 06 Jan 2021 05:51:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XgbcBTrlg8umMo3TpXYoL1Vfhklg9hTKErxwGHDE39oGhdd6XJyNL15duVbr%2FG%2F43VjKI0%2FZqBcaiwd5gxC36lrP8IWSiU7p0CzT7OMYy8KzZANDu55cUcZ6AHxOwJwAA16Jf9o0WBSWcUh7%2FMd74A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6b2776b51ea8374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
366078
expires
Tue, 30 Nov 2021 03:55:45 GMT
our-fleet.jpeg
citigroups.com.sg/__static/06d1176052fe146fe4eabb44b6eaeebf/ 		169 KB
170 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citigroups.com.sg/__static/06d1176052fe146fe4eabb44b6eaeebf/our-fleet.jpeg
Requested by
Host: citigroups.com.sg
URL: https://citigroups.com.sg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:59c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d41aaad0716f2f31b17f3805b260f375fbcc13845b1773d081d537968ecf1f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://citigroups.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 03:55:46 GMT
cf-cache-status
MISS
last-modified
Wed, 06 Jan 2021 05:51:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSWggIdhwqkO4Fpj2ph3HTPaXSWqu%2BStRhQpg6qX1dYsDZxDDJvNDrbqpKkjXmbyox6NbxMsU1laM4TcvBUwSfg7fylGh7crHF6g06DwoawSuHz5cVXX6eDFTiB4ATqg08vu3vnSkYnqh%2FtzxWgBDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6b2776b51eab374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
173338
expires
Tue, 30 Nov 2021 03:55:45 GMT
our-workers.jpeg
citigroups.com.sg/__static/c4e27686712019addea8de6ea4be24f5/ 		251 KB
251 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citigroups.com.sg/__static/c4e27686712019addea8de6ea4be24f5/our-workers.jpeg
Requested by
Host: citigroups.com.sg
URL: https://citigroups.com.sg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:59c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d35ec0b08db8ed6ca5a95874cf3d53d3a5dd32e894cc3f63c3811f995e3b9382

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://citigroups.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 03:55:46 GMT
cf-cache-status
MISS
last-modified
Wed, 06 Jan 2021 05:51:13 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wNGOk%2B0WM3rc4jh5DBPCCTE7A8CEz%2BiYEh9WTHGl5ZLleIYD%2FXmZdCN%2BVuiiyZS5uEHeUyNDm7tAwVNJVZqm9TlyJVUtlRBf2Nw%2BetdJkCCqHYgmRwwVu%2FtZtF7pCwjs287C6eF0uS2RugLio%2FVroQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6b2776b51ead374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
256573
expires
Tue, 30 Nov 2021 03:55:45 GMT
www-widgetapi.js
www.youtube.com/s/player/4c89207b/www-widgetapi.vflset/ 		146 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4c89207b/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a15e87cce1b951ac935e9b8fc1e48f08bad73d60a7ade7fd8e1a6d5a312484c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://citigroups.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 19:56:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
28729
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48609
x-xss-protection
0
last-modified
Sun, 21 Nov 2021 03:00:37 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 22 Nov 2022 19:56:55 GMT
TORbo9BRCg0
www.youtube.com/embed/ Frame 892B 		37 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/TORbo9BRCg0?autoplay=1&controls=0&disablekb=1&playsinline=1&cc_load_policy=0&cc_lang_pref=auto&widget_referrer=https%3A%2F%2Fcitigroups.com.sg%2F&autopause=0&color&fs=0&iv_load_policy=3&rel=0&showinfo=0&playlist=0&resetOnEnd=1&mute=1&origin=https%3A%2F%2Fcitigroups.com.sg&modestbranding=1&enablejsapi=1&widgetid=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c89207b/www-widgetapi.vflset/www-widgetapi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b9a0c8c54d8aec5ccc4254443e394c8bc13c4fd7f9406b862a336a7ca0688e2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://citigroups.com.sg/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 23 Nov 2021 03:55:45 GMT
strict-transport-security
max-age=31536000
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
report-to
{"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding
br
server
ESF
x-xss-protection
0
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
maxresdefault.jpg
i.ytimg.com/vi/TORbo9BRCg0/ 		110 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/TORbo9BRCg0/maxresdefault.jpg
Requested by
Host: citigroups.com.sg
URL: https://citigroups.com.sg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
405cd2477df9f99ab46ac40f15b636910ab7620ac8f62c503e2aac9224daad42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://citigroups.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 01:57:31 GMT
x-content-type-options
nosniff
age
7094
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112905
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 23 Nov 2021 03:57:31 GMT
api
rest.siteplus.com/member-analytics-service/ Frame 		0
0
api
rest.siteplus.com/member-analytics-service/ 		0
0
www-player-webp.css
www.youtube.com/s/player/4c89207b/ Frame 892B 		336 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4c89207b/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TORbo9BRCg0?autoplay=1&controls=0&disablekb=1&playsinline=1&cc_load_policy=0&cc_lang_pref=auto&widget_referrer=https%3A%2F%2Fcitigroups.com.sg%2F&autopause=0&color&fs=0&iv_load_policy=3&rel=0&showinfo=0&playlist=0&resetOnEnd=1&mute=1&origin=https%3A%2F%2Fcitigroups.com.sg&modestbranding=1&enablejsapi=1&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6aaf90b8a7792c137daa8a324bfc07b5bf47a1b4c71bdb4e2b8675008b48afee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/TORbo9BRCg0?autoplay=1&controls=0&disablekb=1&playsinline=1&cc_load_policy=0&cc_lang_pref=auto&widget_referrer=https%3A%2F%2Fcitigroups.com.sg%2F&autopause=0&color&fs=0&iv_load_policy=3&rel=0&showinfo=0&playlist=0&resetOnEnd=1&mute=1&origin=https%3A%2F%2Fcitigroups.com.sg&modestbranding=1&enablejsapi=1&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 22:09:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
20748
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47193
x-xss-protection
0
last-modified
Sun, 21 Nov 2021 03:00:37 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 22 Nov 2022 22:09:57 GMT
www-embed-player.js
www.youtube.com/s/player/4c89207b/www-embed-player.vflset/ Frame 892B 		214 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4c89207b/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TORbo9BRCg0?autoplay=1&controls=0&disablekb=1&playsinline=1&cc_load_policy=0&cc_lang_pref=auto&widget_referrer=https%3A%2F%2Fcitigroups.com.sg%2F&autopause=0&color&fs=0&iv_load_policy=3&rel=0&showinfo=0&playlist=0&resetOnEnd=1&mute=1&origin=https%3A%2F%2Fcitigroups.com.sg&modestbranding=1&enablejsapi=1&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d59215215ab74c1db96fd8ab0ab80ca05ebbbae6afc8ba156c5ae53b83fd652a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/TORbo9BRCg0?autoplay=1&controls=0&disablekb=1&playsinline=1&cc_load_policy=0&cc_lang_pref=auto&widget_referrer=https%3A%2F%2Fcitigroups.com.sg%2F&autopause=0&color&fs=0&iv_load_policy=3&rel=0&showinfo=0&playlist=0&resetOnEnd=1&mute=1&origin=https%3A%2F%2Fcitigroups.com.sg&modestbranding=1&enablejsapi=1&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 20:30:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
26687
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71869
x-xss-protection
0
last-modified
Sun, 21 Nov 2021 03:00:37 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 22 Nov 2022 20:30:58 GMT
base.js
www.youtube.com/s/player/4c89207b/player_ias.vflset/de_DE/ Frame 892B 		2 MB
522 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4c89207b/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TORbo9BRCg0?autoplay=1&controls=0&disablekb=1&playsinline=1&cc_load_policy=0&cc_lang_pref=auto&widget_referrer=https%3A%2F%2Fcitigroups.com.sg%2F&autopause=0&color&fs=0&iv_load_policy=3&rel=0&showinfo=0&playlist=0&resetOnEnd=1&mute=1&origin=https%3A%2F%2Fcitigroups.com.sg&modestbranding=1&enablejsapi=1&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1cd6e7f884567157268a428a6e69ec79dc3d88857bb1cc03699e1441d9d1293
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/TORbo9BRCg0?autoplay=1&controls=0&disablekb=1&playsinline=1&cc_load_policy=0&cc_lang_pref=auto&widget_referrer=https%3A%2F%2Fcitigroups.com.sg%2F&autopause=0&color&fs=0&iv_load_policy=3&rel=0&showinfo=0&playlist=0&resetOnEnd=1&mute=1&origin=https%3A%2F%2Fcitigroups.com.sg&modestbranding=1&enablejsapi=1&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 21 Nov 2021 14:56:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
133129
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
534462
x-xss-protection
0
last-modified
Sun, 21 Nov 2021 03:00:37 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 21 Nov 2022 14:56:56 GMT
fetch-polyfill.js
www.youtube.com/s/player/4c89207b/fetch-polyfill.vflset/ Frame 892B 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4c89207b/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TORbo9BRCg0?autoplay=1&controls=0&disablekb=1&playsinline=1&cc_load_policy=0&cc_lang_pref=auto&widget_referrer=https%3A%2F%2Fcitigroups.com.sg%2F&autopause=0&color&fs=0&iv_load_policy=3&rel=0&showinfo=0&playlist=0&resetOnEnd=1&mute=1&origin=https%3A%2F%2Fcitigroups.com.sg&modestbranding=1&enablejsapi=1&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/TORbo9BRCg0?autoplay=1&controls=0&disablekb=1&playsinline=1&cc_load_policy=0&cc_lang_pref=auto&widget_referrer=https%3A%2F%2Fcitigroups.com.sg%2F&autopause=0&color&fs=0&iv_load_policy=3&rel=0&showinfo=0&playlist=0&resetOnEnd=1&mute=1&origin=https%3A%2F%2Fcitigroups.com.sg&modestbranding=1&enablejsapi=1&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 18:02:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
35566
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
last-modified
Sun, 21 Nov 2021 03:00:37 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 22 Nov 2022 18:02:59 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 892B 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TORbo9BRCg0?autoplay=1&controls=0&disablekb=1&playsinline=1&cc_load_policy=0&cc_lang_pref=auto&widget_referrer=https%3A%2F%2Fcitigroups.com.sg%2F&autopause=0&color&fs=0&iv_load_policy=3&rel=0&showinfo=0&playlist=0&resetOnEnd=1&mute=1&origin=https%3A%2F%2Fcitigroups.com.sg&modestbranding=1&enablejsapi=1&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 11:18:05 GMT
x-content-type-options
nosniff
age
578260
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 16 Nov 2022 11:18:05 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 892B
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TORbo9BRCg0?autoplay=1&controls=0&disablekb=1&playsinline=1&cc_load_policy=0&cc_lang_pref=auto&widget_referrer=https%3A%2F%2Fcitigroups.com.sg%2F&autopause=0&color&fs=0&iv_load_policy=3&rel=0&showinfo=0&playlist=0&resetOnEnd=1&mute=1&origin=https%3A%2F%2Fcitigroups.com.sg&modestbranding=1&enablejsapi=1&widgetid=1
Protocol
H3
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76b51d6f1a42942b80def853ffd311427303d73ebbf36cd509b0db50366a5353
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 03:55:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 23 Nov 2021 03:55:45 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 892B 		29 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c89207b/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 03:42:28 GMT
x-content-type-options
nosniff
age
797
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 Nov 2021 03:57:28 GMT
qoe
www.youtube.com/api/stats/ Frame 892B 		0
19 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/api/stats/qoe?event=streamingstats&cpn=L3QQwJg3xr-9ZQoE&el=embedded&docid=TORbo9BRCg0&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004644%2C24007246%2C24064556%2C24080738%2C24082661%2C24091243%2C24104617%2C24115508%2C24116772%2C24129402%2C24129451%2C24136255&cl=411320122&seq=1&cbr=Chrome&cbrver=96.0.4664.45&c=WEB_EMBEDDED_PLAYER&cver=1.20211117.01.02&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.000:ER&cmt=0.000:0.000,0.000:0.000&error=0.000:auth:0.000:0;a6s.0&vis=0.000:0&bh=0.000:0.000
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c89207b/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/TORbo9BRCg0?autoplay=1&controls=0&disablekb=1&playsinline=1&cc_load_policy=0&cc_lang_pref=auto&widget_referrer=https%3A%2F%2Fcitigroups.com.sg%2F&autopause=0&color&fs=0&iv_load_policy=3&rel=0&showinfo=0&playlist=0&resetOnEnd=1&mute=1&origin=https%3A%2F%2Fcitigroups.com.sg&modestbranding=1&enablejsapi=1&widgetid=1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 23 Nov 2021 03:55:45 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
embed.js
www.youtube.com/s/player/4c89207b/player_ias.vflset/de_DE/ Frame 892B 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4c89207b/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c89207b/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e73619e9ecea219d864310fcb1cbd64bd35a35d03eb67619c629b1e3fc72050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/TORbo9BRCg0?autoplay=1&controls=0&disablekb=1&playsinline=1&cc_load_policy=0&cc_lang_pref=auto&widget_referrer=https%3A%2F%2Fcitigroups.com.sg%2F&autopause=0&color&fs=0&iv_load_policy=3&rel=0&showinfo=0&playlist=0&resetOnEnd=1&mute=1&origin=https%3A%2F%2Fcitigroups.com.sg&modestbranding=1&enablejsapi=1&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 21 Nov 2021 14:57:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
133081
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7357
x-xss-protection
0
last-modified
Sun, 21 Nov 2021 03:00:37 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 21 Nov 2022 14:57:44 GMT
embed
noembed.com/ 		662 B
940 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://noembed.com/embed?url=https://www.youtube.com/watch?v=TORbo9BRCg0
Requested by
Host: citigroups.com.sg
URL: https://citigroups.com.sg/bundle/publish/v0.1.34/vendors.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
55239ca7b0d00927a0dd1eec4a34410580920cdb0e76bcb85765c73b005c6ac0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://citigroups.com.sg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 03:55:45 GMT
via
1.1 varnish, 1.1 varnish
age
314163
x-cache
HIT, HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-cache-hits
1, 1
access-control-allow-methods
GET
accept-ranges
bytes
x-timer
S1637639745.454553,VS0,VE1
access-control-allow-headers
Origin, Accept, Content-Type
content-length
662
x-served-by
cache-mdw17379-MDW, cache-mxp6982-MXP
log_event
www.youtube.com/youtubei/v1/ Frame 892B 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c89207b/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/TORbo9BRCg0?autoplay=1&controls=0&disablekb=1&playsinline=1&cc_load_policy=0&cc_lang_pref=auto&widget_referrer=https%3A%2F%2Fcitigroups.com.sg%2F&autopause=0&color&fs=0&iv_load_policy=3&rel=0&showinfo=0&playlist=0&resetOnEnd=1&mute=1&origin=https%3A%2F%2Fcitigroups.com.sg&modestbranding=1&enablejsapi=1&widgetid=1
X-YouTube-Client-Version
1.20211117.01.02
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtpM2V5V0tNY2E5USjBzPGMBg%3D%3D
X-YouTube-Ad-Signals
dt=1637639745093&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C900&vis=1&wgl=true&ca_type=image

Response headers

date
Tue, 23 Nov 2021 03:55:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Tue, 23 Nov 2021 03:55:47 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
rest.siteplus.com
URL
https://rest.siteplus.com/member-analytics-service/api
Domain
rest.siteplus.com
URL
https://rest.siteplus.com/member-analytics-service/api

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| __PRELOADED_STATE__ object| webpackJsonp function| setImmediate function| clearImmediate object| regeneratorRuntime function| __VERSION__ function| onYouTubeIframeAPIReady object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions

2 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: 3Flc_L_Rxp8
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: i3eyWKMca9Q

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.plyr.io
citigroups.com.sg
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
img.youtube.com
noembed.com
rest.siteplus.com
static-cdn.edit.site
static.doubleclick.net
www.youtube.com
rest.siteplus.com
2606:4700:3031::ac43:8303
2606:4700:3033::ac43:9d91
2606:4700:3035::6815:59c0
2a00:1450:4001:810::200e
2a00:1450:4001:812::200a
2a00:1450:4001:827::2006
2a00:1450:4001:828::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2016
2a00:1450:4001:830::200e
2a04:4e42:200::645
0b29465d75cc1d3e0a2b79873e66caad7d2fd4486c23e2d789d211b92c889fc4
0e73619e9ecea219d864310fcb1cbd64bd35a35d03eb67619c629b1e3fc72050
209fc8cbb9d605326098a35c84784888f1daae9f559b159e701d03cd3822cd6c
29b6e4cd529b8a0453e350c1ed4f2561d3b9c3f4cabe7ab6d7ae3192c6690af9
32a158e3b767ed07ddffb9f72425b91db8de1f48018c59fb580c9a84858a6aea
3d41aaad0716f2f31b17f3805b260f375fbcc13845b1773d081d537968ecf1f9
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
405cd2477df9f99ab46ac40f15b636910ab7620ac8f62c503e2aac9224daad42
462089b8e5dd463f2cbcc5f1d610a9d6e115e1210900909e5603bee4ad798a98
4903aa3a2d742a0dd6ebbf3ec404210d85eb9ad44f773695259bb285992ccbc1
4c509c25dbeaf690a83662f5f3deec9f0a5f4b321139faa32eb2b39347b45c2e
55239ca7b0d00927a0dd1eec4a34410580920cdb0e76bcb85765c73b005c6ac0
5747997d80825cbafcdbe5ab97d7b5502c06b1aae85fed9610845348b3da4d98
6aaf90b8a7792c137daa8a324bfc07b5bf47a1b4c71bdb4e2b8675008b48afee
705a6dcca7e670e3becb10d554648d8af9bbfda6f43f38184a69d729c74851a6
76b51d6f1a42942b80def853ffd311427303d73ebbf36cd509b0db50366a5353
88fe4d9449e5ccdd57752c69c81257726d694411210b58456efe0b6cb677781a
8a5f4822f7c3e74c110009d6ace99f92a1236c32c6c5ceb84057d24bb681e1fe
8ed8559eafe8597f61267ae4f8e80be88c3876caa8e6418a5855dc0b43314eeb
9f509a9eddfaba10e9b1b276429b8a062c2432bb6e4fa5eee1b0a268ad41f9b8
a15e87cce1b951ac935e9b8fc1e48f08bad73d60a7ade7fd8e1a6d5a312484c0
a1a2954ac378575152ba2b7528c507f17b75797c73ee24131e3e68dbf506208f
ad3c5bc75bb2636489a39dadd67ac76271bce735075b0e9798022312143bb6bc
afca3738edf09ebbd03dba910150f54fa1371b57ac5c40aafaf76f958f7c90c2
b1cd6e7f884567157268a428a6e69ec79dc3d88857bb1cc03699e1441d9d1293
b9a0c8c54d8aec5ccc4254443e394c8bc13c4fd7f9406b862a336a7ca0688e2f
bbccf8ddb9b0ce017a2192328cd5de474124243e3f8b5f575869f5e94bed674b
d35ec0b08db8ed6ca5a95874cf3d53d3a5dd32e894cc3f63c3811f995e3b9382
d59215215ab74c1db96fd8ab0ab80ca05ebbbae6afc8ba156c5ae53b83fd652a
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef7da2ea9165f4486462c7f1dccddb7485e6a1922d220a1c393a8fa7214829fd
f3dd5938067b676658360e4b4813222f9703f765c6008d01d85c71584c74994b