www.citicards.com
Open in
urlscan Pro
104.108.44.35
Public Scan
Submitted URL: http://l.info12.citi.com/rts/go2.aspx?h=3446669&tp=i-H43-Q3d-RXc-2t9x3h-25-wTJ0-1c-2qSK4w-1Zp29c&x=760185554
Effective URL: https://www.citicards.com/cards/credit/application/flow.action?ID=Invite&app=NPS&invite=760185554&cmp=EMC~01~181015~CARDSA...
Submission: On November 03 via api from US
Effective URL: https://www.citicards.com/cards/credit/application/flow.action?ID=Invite&app=NPS&invite=760185554&cmp=EMC~01~181015~CARDSA...
Submission: On November 03 via api from US
Summary
This website contacted 24 IPs
in 6 countries
across 21 domains to perform 87 HTTP transactions.
The main IP is 104.108.44.35, located in
Amsterdam, Netherlands and
belongs to AKAMAI-AS - Akamai Technologies, Inc., US.
The main domain is www.citicards.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on August 15th 2018. Valid for: a year.
This is the only time www.citicards.com was scanned on urlscan.io!
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on August 15th 2018. Valid for: a year.
This is the only time www.citicards.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 173.213.4.76 173.213.4.76 | 53316 (ASN-CHEET...) (ASN-CHEETA-MAIL - CHEETAHMAIL) | |
| 10 | 104.108.44.35 104.108.44.35 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
| 5 | 52.208.133.140 52.208.133.140 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 19 | 35.157.3.192 35.157.3.192 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 1 | 172.227.107.63 172.227.107.63 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
| 17 | 2a00:1450:400... 2a00:1450:4001:81d::2008 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 | 104.66.106.214 104.66.106.214 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
| 1 | 204.79.197.200 204.79.197.200 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) | |
| 1 | 23.210.249.20 23.210.249.20 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
| 1 | 54.210.1.1 54.210.1.1 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
| 1 | 46.228.164.13 46.228.164.13 | 56396 (TURN) (TURN) | |
| 1 | 52.222.161.196 52.222.161.196 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 2 | 2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
| 1 | 172.217.18.2 172.217.18.2 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 | 193.0.160.129 193.0.160.129 | 54312 (ROCKETFUEL) (ROCKETFUEL - Rocket Fuel Inc.) | |
| 1 6 | 2a00:1450:400... 2a00:1450:4001:816::2002 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 6 | 2a00:1450:400... 2a00:1450:4001:81c::2004 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 6 | 2a00:1450:400... 2a00:1450:4001:806::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 1 | 35.186.234.100 35.186.234.100 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 6 8 | 35.156.61.26 35.156.61.26 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 2 2 | 34.193.232.33 34.193.232.33 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
| 1 | 107.178.254.65 107.178.254.65 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 2 | 104.108.51.30 104.108.51.30 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
| 1 | 147.75.102.200 147.75.102.200 | 54825 (PACKET) (PACKET - Packet Host) | |
| 2 | 2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
| 1 | 185.31.128.128 185.31.128.128 | 54312 (ROCKETFUEL) (ROCKETFUEL - Rocket Fuel Inc.) | |
| 1 2 | 63.140.43.86 63.140.43.86 | 15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.) | |
| 87 | 24 |
1
173.213.4.76
(New York, United States)
ASN53316 (ASN-CHEETA-MAIL - CHEETAHMAIL, US)
ASN53316 (ASN-CHEETA-MAIL - CHEETAHMAIL, US)
| l.info12.citi.com |
10
104.108.44.35
(Amsterdam, Netherlands)
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-44-35.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-44-35.deploy.static.akamaitechnologies.com
| www.citicards.com |
5
52.208.133.140
(Dublin, Ireland)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-208-133-140.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-208-133-140.eu-west-1.compute.amazonaws.com
| nexus.ensighten.com |
19
35.157.3.192
(Frankfurt, Germany)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-157-3-192.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-157-3-192.eu-central-1.compute.amazonaws.com
| nexus.ensighten.com |
1
172.227.107.63
(Cambridge, United States)
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a172-227-107-63.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a172-227-107-63.deploy.static.akamaitechnologies.com
| tags.bkrtx.com |
1
104.66.106.214
(Amsterdam, Netherlands)
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-66-106-214.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-66-106-214.deploy.static.akamaitechnologies.com
| stags.bluekai.com |
1
204.79.197.200
(Redmond, United States)
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
PTR: a-0001.a-msedge.net
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
PTR: a-0001.a-msedge.net
| bat.bing.com |
1
23.210.249.20
(Cambridge, United States)
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-210-249-20.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-210-249-20.deploy.static.akamaitechnologies.com
| c1.rfihub.net |
1
54.210.1.1
(Ashburn, United States)
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-210-1-1.compute-1.amazonaws.com
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-210-1-1.compute-1.amazonaws.com
| sr.rlcdn.com |
1
52.222.161.196
(Seattle, United States)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-161-196.fra54.r.cloudfront.net
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-161-196.fra54.r.cloudfront.net
| vt.myvisualiq.net |
2
2a03:2880:f02d:12:face:b00c:0:3
(Ireland)
ASN32934 (FACEBOOK - Facebook, Inc., US)
ASN32934 (FACEBOOK - Facebook, Inc., US)
| connect.facebook.net |
1
172.217.18.2
(Mountain View, United States)
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s28-in-f2.1e100.net
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s28-in-f2.1e100.net
| www.googleadservices.com |
1
35.186.234.100
(Mountain View, United States)
ASN15169 (GOOGLE - Google LLC, US)
PTR: 100.234.186.35.bc.googleusercontent.com
ASN15169 (GOOGLE - Google LLC, US)
PTR: 100.234.186.35.bc.googleusercontent.com
| tapestry.tapad.com |
8
35.156.61.26
(Frankfurt, Germany)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-156-61-26.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-156-61-26.eu-central-1.compute.amazonaws.com
| t.myvisualiq.net |
2
34.193.232.33
(Ashburn, United States)
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-193-232-33.compute-1.amazonaws.com
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-193-232-33.compute-1.amazonaws.com
| idsync.rlcdn.com |
1
107.178.254.65
(Mountain View, United States)
ASN15169 (GOOGLE - Google LLC, US)
PTR: 65.254.178.107.bc.googleusercontent.com
ASN15169 (GOOGLE - Google LLC, US)
PTR: 65.254.178.107.bc.googleusercontent.com
| pippio.com |
2
104.108.51.30
(Amsterdam, Netherlands)
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-51-30.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-51-30.deploy.static.akamaitechnologies.com
| tags.bluekai.com |
2
2a03:2880:f12d:83:face:b00c:0:25de
(Ireland)
ASN32934 (FACEBOOK - Facebook, Inc., US)
ASN32934 (FACEBOOK - Facebook, Inc., US)
| www.facebook.com |
2
63.140.43.86
(Lehi, United States)
ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: citi.com.ssl.sc.omtrdc.net
ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: citi.com.ssl.sc.omtrdc.net
| metrics1.citi.com |
| Domain | Requested by | |
|---|---|---|
| 24 | nexus.ensighten.com |
www.citicards.com
nexus.ensighten.com |
| 17 | www.googletagmanager.com |
nexus.ensighten.com
|
| 10 | www.citicards.com |
www.citicards.com
|
| 8 | t.myvisualiq.net | 6 redirects |
| 6 | www.google.de | |
| 6 | www.google.com | 1 redirects |
| 6 | googleads.g.doubleclick.net |
1 redirects
www.googleadservices.com
|
| 2 | metrics1.citi.com | 1 redirects |
| 2 | www.facebook.com | |
| 2 | tags.bluekai.com | 1 redirects |
| 2 | idsync.rlcdn.com | 2 redirects |
| 2 | connect.facebook.net |
nexus.ensighten.com
connect.facebook.net |
| 1 | 20766698p.rfihub.com |
c1.rfihub.net
|
| 1 | loadus.exelator.com | |
| 1 | pippio.com | |
| 1 | tapestry.tapad.com | 1 redirects |
| 1 | a.rfihub.com |
c1.rfihub.net
|
| 1 | www.googleadservices.com |
www.googletagmanager.com
|
| 1 | vt.myvisualiq.net |
nexus.ensighten.com
|
| 1 | d.turn.com | |
| 1 | sr.rlcdn.com |
nexus.ensighten.com
|
| 1 | c1.rfihub.net |
nexus.ensighten.com
|
| 1 | bat.bing.com |
www.citicards.com
|
| 1 | stags.bluekai.com |
tags.bkrtx.com
|
| 1 | tags.bkrtx.com |
nexus.ensighten.com
|
| 1 | l.info12.citi.com | 1 redirects |
| 87 | 26 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.citi.com |
| online.citi.com |
| online.citibank.com |
| sealinfo.verisign.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| www.accountonline.com DigiCert SHA2 Extended Validation Server CA |
2018-08-15 - 2020-01-02 |
a year | crt.sh |
| nexus.ensighten.com DigiCert SHA2 Secure Server CA |
2018-10-17 - 2020-01-05 |
a year | crt.sh |
| *.bkrtx.com DigiCert SHA2 Secure Server CA |
2018-02-01 - 2019-02-01 |
a year | crt.sh |
| *.google-analytics.com Google Internet Authority G3 |
2018-10-16 - 2019-01-08 |
3 months | crt.sh |
| odc-prod-01.oracle.com DigiCert ECC Secure Server CA |
2018-01-30 - 2019-01-29 |
a year | crt.sh |
| www.bing.com Microsoft IT TLS CA 5 |
2017-07-20 - 2019-07-10 |
2 years | crt.sh |
| *.rfihub.net DigiCert SHA2 Secure Server CA |
2018-03-26 - 2019-03-26 |
a year | crt.sh |
| *.rlcdn.com Go Daddy Secure Certificate Authority - G2 |
2017-05-08 - 2019-06-21 |
2 years | crt.sh |
| *.turn.com DigiCert SHA2 Secure Server CA |
2018-01-03 - 2019-02-25 |
a year | crt.sh |
| vt.myvisualiq.net Go Daddy Secure Certificate Authority - G2 |
2016-12-12 - 2018-12-11 |
2 years | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2017-12-15 - 2019-03-22 |
a year | crt.sh |
| www.googleadservices.com Google Internet Authority G3 |
2018-10-16 - 2019-01-08 |
3 months | crt.sh |
| *.rfihub.com DigiCert SHA2 Secure Server CA |
2016-07-20 - 2019-09-03 |
3 years | crt.sh |
| *.g.doubleclick.net Google Internet Authority G3 |
2018-10-16 - 2019-01-08 |
3 months | crt.sh |
| www.google.de Google Internet Authority G3 |
2018-10-16 - 2019-01-08 |
3 months | crt.sh |
| t.myvisualiq.net COMODO RSA Domain Validation Secure Server CA |
2017-07-05 - 2020-07-28 |
3 years | crt.sh |
| pippio.com COMODO RSA Domain Validation Secure Server CA |
2017-10-23 - 2020-11-15 |
3 years | crt.sh |
| *.exelator.com Go Daddy Secure Certificate Authority - G2 |
2017-05-25 - 2019-06-25 |
2 years | crt.sh |
| www.google.com Google Internet Authority G3 |
2018-10-16 - 2019-01-08 |
3 months | crt.sh |
| metrics1.citi.com DigiCert SHA2 Extended Validation Server CA |
2018-08-31 - 2020-08-30 |
2 years | crt.sh |
This page contains 4 frames:
Primary Page:
https://www.citicards.com/cards/credit/application/flow.action?ID=Invite&app=NPS&invite=760185554&cmp=EMC~01~181015~CARDSACQ~raf~prsp
Frame ID: B25CAE0C5A55402D01E672BEBFF4F652
Requests: 84 HTTP requests in this frame
Frame:
https://stags.bluekai.com/site/63068?ret=html&phint=language%3Den_US&phint=product&phint=event%3D&phint=category%3Dpre-login%20application&phint=page%3DApply%20for%20a%20credit%20card&phint=section1%3Dcards&phint=section2%3Dacq&phint=section3%3Dapplication&phint=section4%3DNewWelcome&phint=productID&phint=__bk_t%3DApply%20for%20a%20credit%20card%20-%20Citi.com&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fwww.citicards.com%2Fcards%2Fcredit%2Fapplication%2Fflow.action%3FID%3DInvite%26app%3DNPS%26invite%3D760185554%26cmp%3DEMC~01~181015~CARDSACQ~raf~prsp&limit=10&r=10962867
Frame ID: F6647BC2F69691DCAE05CD315014BA5A
Requests: 1 HTTP requests in this frame
Frame:
https://sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
Frame ID: D4AE40B596DA454F2D1424D26304FD2D
Requests: 1 HTTP requests in this frame
Frame:
https://20766698p.rfihub.com/ca.html?rfiidc=640425955078496318&rfiaid=ab8831710805415db9c4941ba7da3be3&ver=9&ra=1874&rb=648&ca=20766698&_o=17169175&_t=cardssitevisitor&ssv_cuuid=&ssv_pagename=applyforacreditcard&pe=https%3A%2F%2Fwww.citicards.com%2Fcards%2Fcredit%2Fapplication%2Fflow.action%3FID%3DInvite%26app%3DNPS%26invite%3D760185554%26cmp%3DEMC%7E01%7E181015%7ECARDSACQ%7Eraf%7Eprsp&pf=&ra=725678523058481
Frame ID: 29DE1753FBE740F945CD79F37FA8576C
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://l.info12.citi.com/rts/go2.aspx?h=3446669&tp=i-H43-Q3d-RXc-2t9x3h-25-wTJ0-1c-2qSK4w-1Zp29c&x=76...
HTTP 302
https://www.citicards.com/cards/credit/application/flow.action?ID=Invite&app=NPS&invite=760185554&cmp=... Page URL
Detected technologies
Windows Server
(Operating Systems)
Expand
Overall confidence: 50%
Detected patterns
Detected patterns
- url /\.aspx(?:$|\?)/i
Microsoft ASP.NET
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- url /\.aspx(?:$|\?)/i
RxJS
(JavaScript Frameworks)
Expand
Overall confidence: 20%
Detected patterns
Detected patterns
- env /^Rx$/i
IIS
(Web Servers)
Expand
Overall confidence: 50%
Detected patterns
Detected patterns
- url /\.aspx(?:$|\?)/i
Facebook
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Google Code Prettify
(Miscellaneous)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- env /^prettyPrint$/i
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- env /^google_tag_manager$/i
SiteCatalyst
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- env /^s_(?:account|objectID|code|INST)$/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- env /^jQuery$/i
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
URL: https://www.citi.com/credit-cards/creditcards/CitiHome.do
Title: Citicards.com
Title: Citicards.com
Search URL Search Domain Scan URL
URL: https://online.citi.com/US/JRS/portal/template.do?ID=TermsDisclaimer
Title: Terms & Conditions
Title: Terms & Conditions
Search URL Search Domain Scan URL
URL: https://online.citibank.com/US/JRS/portal/template.do?ID=Privacy
Title: Privacy
Title: Privacy
Search URL Search Domain Scan URL
URL: https://sealinfo.verisign.com/splash?form_file=fdf/splash.fdf&dn=www.citicards.com
Search URL Search Domain Scan URL
URL: https://online.citi.com/JRS/portal/template.do?ID=Privacy#ad-info-external-use
Title: AdChoices
Title: AdChoices
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://l.info12.citi.com/rts/go2.aspx?h=3446669&tp=i-H43-Q3d-RXc-2t9x3h-25-wTJ0-1c-2qSK4w-1Zp29c&x=760185554
HTTP 302
https://www.citicards.com/cards/credit/application/flow.action?ID=Invite&app=NPS&invite=760185554&cmp=EMC~01~181015~CARDSACQ~raf~prsp Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 66- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/916451471/?random=1541279190097&cv=9&fst=1541279190097&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470%2C659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=event%3Dconversion>m=2odas3&sendb=1&frm=0&url=https%3A%2F%2Fwww.citicards.com%2Fcards%2Fcredit%2Fapplication%2Fflow.action%3FID%3DInvite%26app%3DNPS%26invite%3D760185554%26cmp%3DEMC~01~181015~CARDSACQ~raf~prsp&tiba=Apply%20for%20a%20credit%20card%20-%20Citi.com&async=1 HTTP 302
- https://www.google.com/pagead/1p-user-list/916451471/?random=1541279190097&cv=9&fst=1541278800000&num=1&fmt=3&bg=ffffff&guid=ON&eid=376635470%2C659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=event%3Dconversion>m=2odas3&sendb=1&frm=0&url=https%3A%2F%2Fwww.citicards.com%2Fcards%2Fcredit%2Fapplication%2Fflow.action%3FID%3DInvite%26app%3DNPS%26invite%3D760185554%26cmp%3DEMC~01~181015~CARDSACQ~raf~prsp&tiba=Apply%20for%20a%20credit%20card%20-%20Citi.com&async=1&crd=CITQGw&cdct=2&is_vtc=1&random=3124804439&resp=GooglemKTybQhCsO HTTP 302
- https://www.google.de/pagead/1p-user-list/916451471/?random=1541279190097&cv=9&fst=1541278800000&num=1&fmt=3&bg=ffffff&guid=ON&eid=376635470%2C659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=event%3Dconversion>m=2odas3&sendb=1&frm=0&url=https%3A%2F%2Fwww.citicards.com%2Fcards%2Fcredit%2Fapplication%2Fflow.action%3FID%3DInvite%26app%3DNPS%26invite%3D760185554%26cmp%3DEMC~01~181015~CARDSACQ~raf~prsp&tiba=Apply%20for%20a%20credit%20card%20-%20Citi.com&async=1&crd=CITQGw&cdct=2&is_vtc=1&random=3124804439&resp=GooglemKTybQhCsO&ipr=y
- https://tapestry.tapad.com/tapestry/1?ta_partner_id=950&ta_redirect=https%3A%2F%2Ft.myvisualiq.net%2Fsync%3Fprid%3D1001%26ao%3D0%26pruuid%3DTAPAD_%24%7BIDS%3Akey%7D HTTP 302
- https://t.myvisualiq.net/sync?prid=1001&ao=0&pruuid=TAPAD_55d40f53-dfac-11e8-a979-0a580ad300bc
- https://t.myvisualiq.net/sync?prid=1002&ao=0&red=https://idsync.rlcdn.com/420356.gif?partner_uid=${UUID} HTTP 302
- https://t.myvisualiq.net/ul_cb/sync?prid=1002&ao=0&red=https://idsync.rlcdn.com/420356.gif?partner_uid=${UUID} HTTP 302
- https://idsync.rlcdn.com/420356.gif?partner_uid=0dcf10bc-9549-4140-999e-07fe902f85c3 HTTP 307
- https://idsync.rlcdn.com/1000.gif?memo=CITUGRIwCiwIARDclAEaJDBkY2YxMGJjLTk1NDktNDE0MC05OTllLTA3ZmU5MDJmODVjMxAAGg0I1pv43gUSBQjoBxAAQgBKAA HTTP 307
- https://pippio.com/api/sync?pid=5324&_=2
- https://t.myvisualiq.net/sync?prid=BUKIPNR1&red=https://tags.bluekai.com/site/21398?id=$%7BUUID%7D HTTP 302
- https://t.myvisualiq.net/ul_cb/sync?prid=BUKIPNR1&red=https://tags.bluekai.com/site/21398?id=$%7BUUID%7D HTTP 302
- https://tags.bluekai.com/site/21398?id=0dcf10bc-9549-4140-999e-07fe902f85c3 HTTP 302
- https://tags.bluekai.com/site/21398?dt=0&r=2074115267&sig=2362543532&bkca=KJpnEnWNuWkm1pH/u+SNBeVhNeDhBecx+qu6EBDN1W2n+Exyug1yEERs9BvRYiy=
- https://t.myvisualiq.net/sync?prid=EEAEPNR1&red=https%3A%2F%2Floadus.exelator.com%2Fload%2F%3Fp%3D204%26g%3D1260%26buid%3D%24%7BUUID%7D HTTP 302
- https://loadus.exelator.com/load/?p=204&g=1260&buid=0-af1fc745-c7f0-45cf-992f-61e28ca05ca4
- https://t.myvisualiq.net/sync?prid=123&ao=0&red=https%3A%2F%2Fwww.facebook.com%2Ftr%3Fid%3D724424851071342%26ev%3DPageView%26cd%5Border_id%5D%3D%24%7BUUID%7D HTTP 302
- https://www.facebook.com/tr?id=724424851071342&ev=PageView&cd[order_id]=0-fb88eb02-ad7c-4471-b451-4cae08741ebe
- https://metrics1.citi.com/b/ss/citinaprod/1/JS-2.0.0/s17974594809627?AQB=1&ndh=1&pf=1&t=3%2F10%2F2018%2021%3A6%3A30%206%200&fid=68265B3374A9A1C7-3386AD99AA1F50F9&ce=UTF-8&pageName=Apply%20for%20a%20credit%20card&g=https%3A%2F%2Fwww.citicards.com%2Fcards%2Fcredit%2Fapplication%2Fflow.action%3FID%3DInvite%26app%3DNPS%26invite%3D760185554%26cmp%3DEMC%7E01%7E181015%7ECARDSACQ%7Eraf%7Eprsp&c.&visitStart=1&.c&cc=USD&ch=CARDS&v0=EMC%7E01%7E181015%7ECARDSACQ%7Eraf%7Eprsp&products=undefined%3B&c1=cards&h1=CARDS%2Fcards%2Facq%2Fapplication%2FNewWelcome&c2=acq&c3=application&c4=NewWelcome&c8=pre-login%20application&c11=en_US&v38=Apply%20for%20a%20credit%20card&c59=jJRSACQ_Invite&c61=16&c63=https%3A%2F%2Fwww.citicards.com%2Fcards%2Fcredit%2Fapplication%2Fflow.action%3FID%3DInvite%26app%3DNPS%26invite%3D760185554%26cmp%3DEMC%7E01%7E181015%7ECARDSACQ%7Eraf%7Eprsp&c64=5%3A06PM&v64=5%3A06PM&c65=Saturday&v65=Saturday&c66=Saturday%7C5%3A06PM&v67=New&v68=1&c73=490004%2C358910%2C354602%2C373773%2C555592%2C495376%2C495377%2C522572%2C522576%2C542251%2C515853%2C522574%2C552021%2C490141%2C495374%2C574962%2C495375%2C573017%2C551962%2C507276%2C571630%2C385436%2C572752%2C551970%2C454434%2C540066%2C512346%2C567637%2C521100%2C531459%2C494437%2C388219%2C572750%2C359218%2C528144%2C488122%2C458768%2C570646%2C475938%2C359214%2C363747%2C486892%2C510670%2C369351%2C553765&v73=medium%7C1600&v78=Yes&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
- https://metrics1.citi.com/b/ss/citinaprod/1/JS-2.0.0/s17974594809627?AQB=1&pccr=true&vidn=2DEF06EB05313EC8-4000010BA0008CF8&&ndh=1&pf=1&t=3%2F10%2F2018%2021%3A6%3A30%206%200&fid=68265B3374A9A1C7-3386AD99AA1F50F9&ce=UTF-8&pageName=Apply%20for%20a%20credit%20card&g=https%3A%2F%2Fwww.citicards.com%2Fcards%2Fcredit%2Fapplication%2Fflow.action%3FID%3DInvite%26app%3DNPS%26invite%3D760185554%26cmp%3DEMC%7E01%7E181015%7ECARDSACQ%7Eraf%7Eprsp&c.&visitStart=1&.c&cc=USD&ch=CARDS&v0=EMC%7E01%7E181015%7ECARDSACQ%7Eraf%7Eprsp&products=undefined%3B&c1=cards&h1=CARDS%2Fcards%2Facq%2Fapplication%2FNewWelcome&c2=acq&c3=application&c4=NewWelcome&c8=pre-login%20application&c11=en_US&v38=Apply%20for%20a%20credit%20card&c59=jJRSACQ_Invite&c61=16&c63=https%3A%2F%2Fwww.citicards.com%2Fcards%2Fcredit%2Fapplication%2Fflow.action%3FID%3DInvite%26app%3DNPS%26invite%3D760185554%26cmp%3DEMC%7E01%7E181015%7ECARDSACQ%7Eraf%7Eprsp&c64=5%3A06PM&v64=5%3A06PM&c65=Saturday&v65=Saturday&c66=Saturday%7C5%3A06PM&v67=New&v68=1&c73=490004%2C358910%2C354602%2C373773%2C555592%2C495376%2C495377%2C522572%2C522576%2C542251%2C515853%2C522574%2C552021%2C490141%2C495374%2C574962%2C495375%2C573017%2C551962%2C507276%2C571630%2C385436%2C572752%2C551970%2C454434%2C540066%2C512346%2C567637%2C521100%2C531459%2C494437%2C388219%2C572750%2C359218%2C528144%2C488122%2C458768%2C570646%2C475938%2C359214%2C363747%2C486892%2C510670%2C369351%2C553765&v73=medium%7C1600&v78=Yes&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
87 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
 Cookie set
flow.action
www.citicards.com/cards/credit/application/ Redirect Chain
|
173 KB 71 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
newWelcome.min.css
www.citicards.com/cards/wv/welcome/css/ |
255 KB 41 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-1.12.4.min.js
www.citicards.com/cards/wv/welcome/js/ |
95 KB 33 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Bootstrap.js
nexus.ensighten.com/citi/na_prod/ |
104 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
gen_overlay_find-inv.jpg
www.citicards.com/cards/wv/welcome/img/ |
29 KB 29 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
newWelcome.min.js
www.citicards.com/cards/wv/welcome/js/ |
743 KB 193 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
icons@1x.png
www.citicards.com/cards/wv/welcome/css/images/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo-art-citi-blue-red.png
www.citicards.com/cards/wv/welcome/img/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
citi_app_sprite.svg
www.citicards.com/cards/wv/welcome/img/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Interstate-ExtraLight.otf
www.citicards.com/cards/wv/welcome/css/fonts/interstate/ |
25 KB 17 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Interstate-Light.otf
www.citicards.com/cards/wv/welcome/css/fonts/interstate/ |
25 KB 17 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
serverComponent.php
nexus.ensighten.com/citi/na_prod/ |
4 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
97993a1028912d69f9259bb7d87217cc.js
nexus.ensighten.com/citi/na_prod/code/ |
18 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
100202e9fda547569e56beb63f6c338c.js
nexus.ensighten.com/citi/na_prod/code/ |
144 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
98166772f77e3586e69e7a9e729677fc.js
nexus.ensighten.com/citi/na_prod/code/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
64182e4b64964693cf659a7fad2596fd.js
nexus.ensighten.com/citi/na_prod/code/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
021178fa791ec729d0e0c5413bcf078d.js
nexus.ensighten.com/citi/na_prod/code/ |
197 KB 63 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
b47e353825f7d4c4473ca21a564a7e72.js
nexus.ensighten.com/citi/na_prod/code/ |
21 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
a745579ee57a6f52383f9e59116ffad9.js
nexus.ensighten.com/citi/na_prod/code/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
8a3f17038e94d546789f149681ae2762.js
nexus.ensighten.com/citi/na_prod/code/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
3517a48b9e857719580ab0006a6e5650.js
nexus.ensighten.com/citi/na_prod/code/ |
2 KB 1004 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
27601650ffb6860837cd280a2905cab7.js
nexus.ensighten.com/citi/na_prod/code/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
52f27aa581743566d9926acf86b2a403.js
nexus.ensighten.com/citi/na_prod/code/ |
125 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fab64d03c0215a7d0dfb531409cbec7c.js
nexus.ensighten.com/citi/na_prod/code/ |
1 KB 714 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
9f289c4ebe766931564ecfc7f94bda4b.js
nexus.ensighten.com/citi/na_prod/code/ |
42 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
0ddfbb373b80c35ab1042f6fbd67c363.js
nexus.ensighten.com/citi/na_prod/code/ |
7 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
22e4c9662c8a60a7d783e5276645b548.js
nexus.ensighten.com/citi/na_prod/code/ |
98 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
15dc575587fd5d8993fb316b71e6c8e2.js
nexus.ensighten.com/citi/na_prod/code/ |
15 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
adb5d23a99dcfd585be8874dcb043b2d.js
nexus.ensighten.com/citi/na_prod/code/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
1612dca9fcae10201880e99f97c45ce2.js
nexus.ensighten.com/citi/na_prod/code/ |
2 KB 981 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
b3715c14e0410ea39474cc3a874ae1f9.js
nexus.ensighten.com/citi/na_prod/code/ |
15 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dc13aafad88956d38224208751c4071f.js
nexus.ensighten.com/citi/na_prod/code/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
0527651ea70d11a30413dba9f5110853.js
nexus.ensighten.com/citi/na_prod/code/ |
1 KB 895 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ff4cc491fc31e6e470cb400cb8e497a8.js
nexus.ensighten.com/citi/na_prod/code/ |
20 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bk-coretag.js
tags.bkrtx.com/js/ |
31 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
63068
stags.bluekai.com/site/ Frame F664 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
0
bat.bing.com/action/ |
0 265 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tc.min.js
c1.rfihub.net/js/ |
20 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
425466.html
sr.rlcdn.com/ Frame D4AE |
0 0 |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
pageName=jJRSACQ_Invite,prodID=undefined
d.turn.com/r/dd/id/L21rdC8yMy9jaWQvMTc0Nzk0Njg2Mi90LzI/kv/ |
43 B 467 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
vt-70.js
vt.myvisualiq.net/2/0Litz8CpLo%2BILImaLwNgtw%3D%3D/ |
9 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
fbevents.js
connect.facebook.net/en_US/ |
73 KB 23 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
conversion_async.js
www.googleadservices.com/pagead/ |
23 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
idr.js
a.rfihub.com/ |
82 B 632 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
998480723620054
connect.facebook.net/signals/config/ |
167 KB 39 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/959299794/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/960621875/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/916451471/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/959299794/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/960621875/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
www.google.de/pagead/1p-user-list/916451471/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sync
t.myvisualiq.net/ Redirect Chain
|
43 B 300 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
sync
pippio.com/api/ Redirect Chain
|
0 62 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
21398
tags.bluekai.com/site/ Redirect Chain
|
62 B 527 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
loadus.exelator.com/load/ Redirect Chain
|
91 B 91 B |
Image
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sync
t.myvisualiq.net/ |
43 B 300 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
tr
www.facebook.com/ Redirect Chain
|
44 B 244 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Cookie set
ca.html
20766698p.rfihub.com/ Frame 29DE |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
www.google.com/pagead/1p-user-list/960621875/ |
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
www.google.de/pagead/1p-user-list/960621875/ |
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
www.google.com/pagead/1p-user-list/959299794/ |
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
www.google.de/pagead/1p-user-list/959299794/ |
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
www.google.com/pagead/1p-user-list/916451471/ |
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
www.google.de/pagead/1p-user-list/916451471/ |
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
www.google.com/pagead/1p-user-list/959299794/ |
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
www.google.de/pagead/1p-user-list/959299794/ |
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
www.google.com/pagead/1p-user-list/960621875/ |
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
www.google.de/pagead/1p-user-list/960621875/ |
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
www.facebook.com/tr/ |
44 B 98 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
s17974594809627
metrics1.citi.com/b/ss/citinaprod/1/JS-2.0.0/ Redirect Chain
|
43 B 737 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
129 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| bundle boolean| isResponsive string| siteId string| pageDef string| screen_id string| app_id string| sc object| ieHtml5Els function| $ function| jQuery function| $jq function| getParentLocation function| isSelfLoc function| isXFSWhiteListed string| parentLocation boolean| XFSWhitelisted string| domainName string| JFP_CSRF_TOKEN_AO object| OBJ_JFP_CSRF_TOKEN boolean| isCSRFAutomationEnabled function| isValidDomain function| isValidUrl string| prodId string| prspectId string| appId string| businessTypCd string| prodType string| appType number| randomddvar string| BankDigi boolean| fundVerifReq string| securePh2Fallback string| po string| isAvoka object| citiData object| eventGroup string| eventList object| ensBootstraps object| Bootstrapper boolean| fallBackZip object| validationOptions string| topDM function| impValueCheck function| impValueRadio function| PasswordMeter boolean| maskFlag object| blurring boolean| iOS string| titleAttr function| initNavMenu function| formValidation function| editForm function| cancelForm function| showForm function| saveProgress function| hideForm function| toggleAllMenus function| menuTopClick function| menuTopKeyPress function| menuChildKeyPress function| expandMenu function| collapseMenu object| jQuery19109692547527821807 object| respond function| ZeroClipboard boolean| PR_SHOULD_USE_CONTINUATION function| prettyPrintOne function| prettyPrint object| PR function| Picker object| eventEncodingUtils object| _detector function| bk_async object| val object| tags object| BKTAG function| bk_addUserCtx function| bk_addPageCtx function| bk_addEmailHash function| bk_addPhoneHash function| bk_doJSTag function| bk_doJSTag2 function| bk_doCarsJSTag function| bk_doPartnerAltTag function| bk_doCallbackTag function| bk_doCallbackTagWithTimeOut boolean| bk_use_multiple_iframes boolean| bk_allow_multiple_calls object| google_tag_manager object| dataLayer object| local_params function| gtag function| _rfi function| fbq function| _fbq string| sName function| s_getLoadTime function| AppMeasurement function| s_gi function| s_pgicq function| c_r function| c_rspers function| c_w object| s_c_il number| s_c_in object| s number| s_loadT number| s_objectID number| s_giq function| extend function| RocketfuelBCPInclude function| RocketfuelBCPClass function| RocketfuelUtils object| RocketfuelBCP object| __core-js_shared__ function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| viqjson object| visualiqtag string| scEvents object| rs string| r object| rx number| d object| eo number| y string| s_tnt object| s_i_citinaprod5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| www.citicards.com/ | Name: 7018 Value: |
|
| .citicards.com/ | Name: _cls_s Value: ff431d22-96eb-43b3-a28e-9c31eb1be87e:0 |
|
| www.citicards.com/ | Name: 7830 Value: error |
|
| .citicards.com/ | Name: _cls_v Value: c2999077-d790-489a-a066-7a524385aa4b |
|
| www.citicards.com/ | Name: JSESSIONID Value: 0000vfpqhkT13zd9annr92bgUsX:3921acq2 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Content-Security-Policy | Frame-Ancestors 'self' https://sit01.disputes.citi.com https://disputes.citi.com |
| X-Frame-Options | Allow-From https://sit01.disputes.citi.com https://disputes.citi.com |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
20766698p.rfihub.com
a.rfihub.com
bat.bing.com
c1.rfihub.net
connect.facebook.net
d.turn.com
googleads.g.doubleclick.net
idsync.rlcdn.com
l.info12.citi.com
loadus.exelator.com
metrics1.citi.com
nexus.ensighten.com
pippio.com
sr.rlcdn.com
stags.bluekai.com
t.myvisualiq.net
tags.bkrtx.com
tags.bluekai.com
tapestry.tapad.com
vt.myvisualiq.net
www.citicards.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.108.44.35
104.108.51.30
104.66.106.214
107.178.254.65
147.75.102.200
172.217.18.2
172.227.107.63
173.213.4.76
185.31.128.128
193.0.160.129
204.79.197.200
23.210.249.20
2a00:1450:4001:806::2003
2a00:1450:4001:816::2002
2a00:1450:4001:81c::2004
2a00:1450:4001:81d::2008
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.193.232.33
35.156.61.26
35.157.3.192
35.186.234.100
46.228.164.13
52.208.133.140
52.222.161.196
54.210.1.1
63.140.43.86
00fa65c9c11492f14cbbd02c018540eeabb315a58afe006043a386e642840e5a
068ba5e4927f60bf480fb4c551ec03d538eb04ba2dc37409f8e8d766a7f708c6
08f2f8d098743e4e141f9f85e154ad60fa5c106ae0df0284e797b87854a40fef
08f72f766e37109e5a511ae1db59abacf880622c1a30b440fd79e266b9f2c830
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0e737f7330f332984f1e364e269cb02452eca60b2352e555c33549910464c8fc
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11308af516e30ba693950fff71a8385996a9727e0f539d24e35efde005838ea5
1b19c5b1281d01c55d41ef14b2d4aef92eb8e4f49b4c31ed6b89450a5b310318
1cc5869db900d2a4e68a54608f4a94316776fb6cbb64d7a44facd3eb28f4e37c
1d1ce1175578b594a10d232b9bc5eb04c9514f9a58d6f23a6ba21519d619058b
2524d357ef6e465ff8d48ab535fa7e235ff78b640af33852c280a45b1ee869b2
2564671093e997a2d61ae58be93dd7c5e632dd6473289eb8d26b9978a6a5a608
27d92130c0321dad5a03760fd5ac98a3d04ed4c94d88418fe6d50da1f7fc5cbe
2c4354f7001989938a54555a0a2ca0d66eac95fa7c2cc8855edbb2d62a1da5b0
2c7b95e516f24a2da447755f07b107bd8566745dc36322a1419ef92662019cf6
2ef33aac9924bb27db6c04096ba4a956b57ea44899206cba00804ae60103d1fe
31fe83a5f643af5c800b80a4da7bccc39d1693f24e67960c8d0af89d61c887d3
37e1e295f1c88e961f835de174294900c96e9bc02412fb6186be4d33625fc237
41ef005fe7c1f669082a323e77a41373fab42d42a922e3b9ee5696d8a7d85c60
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
493ac70b91cc7703239a1bd44630fb63c0bc0e85a9eaced5efd3345174c9f597
4bd68ef9789b7782f69134258eefca2fedfd90bb4285ea448190c3acfb65d77f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
549d61da9a849277cfe2781393f59d81f55d0a2151d722a647554d0ffca1837a
58c7692735bb423227ed8d06272a168c768fbe98dce050af3033663950928cad
60340ee9f67e0ba4879757ce19457447ec2a7904f093ad83bd2009532836f76c
61eb29759b2e81e483baa333bbdeb55729898217f3d8235e0f894e2440e283e4
65ac64fbbbdf2e748669e3f76d2bceee953e5ee88ed74eb54b0b3c0148feff52
6e8aa099376459830d295cba8264ffadb98343db5539af204925bf6932a0ed45
7468e3cef1c673ea9012475ba5db87752cdd0649b495575a50aa52ddebda97f3
774e92855bff222c9b247801c10caee3caad6d037b602e64cb59ee539bea1af4
7bfe7f419e6ffc6504a329c086fc76b7c8b10681fd9aebad3497635bdba476a3
7caeed862e1fdf2d99ab4114e11e5138c3b87a66ef1d104197d778a5f3f1009e
7d32d255d2369bd24843bbdd28c46b3d4e5c6f5c27c99c799d76ba86684949b7
80531619185017975397b5510d8a113a6ab4a05f88e3be15a6992171622e3035
8053b2bb967cdd37dcd06ad44bf29c64fa76e9aa40e79d2d4f5edf3b796b33e4
864c13b3088dc7a9be0c219b1ae5791b8f6dcea9d1ad2e6b4e36fe0d28d59fc8
8ba862d36a2bace6486c255d0684fd89d2d7ad13f69744cbdf26c362e2ca28e6
8daa6496d5efc075ac33478301c7e9d02e37d20a557fbad04c01c892023cacdf
90bed28f37743d84cf0b772a0c97014d491083c9872d6fe96adb89ba2f53d67b
92885c3eeb1b67b86f6310119eaff2bd31156aa72a58c79ece0c947e1ded44bc
9dc68dae16e644c04a2f4eecb8acc7e70796f202626771d535e88b83bcdedf83
9df60fb9744a6ccb9d6293a757171fe61e72daf364a7e3001f6430c69c5af89c
9f26e9969efb622e3b704a8cb4de5888ec2959a2640aa04c12447ce7504fa871
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
abeb901632fcf757ba233d0b84c224b9d5ab9aa18bcf8beab1d4e5515624ccd5
b786b8b06328b1a2648a169daec52afee81c183464b2de82077e6a726cb0c6e3
b7b2cd5e84ad1672fe01e5074015cd54b1ee350ea8417ac8835f0740e8bb1531
b8b8d53fd35ecfed00ef746023ae1ca05a849e67c24edf86d64219ab5f413b1d
bd198c3d4cbe10de97c9059b07a66acfd526cb9d3b4fce8dee690195ab756388
c0abb0da38ca7e1413f5e2f96dcfeaaa6437dcdb81a6db52d5bb060a8bdc62b9
c370231e69ffa7499c080b938a320ebe1113746a675ecb218a3055e1fa01eb84
c39701c020b808ee3907fc1f61c6ee109ed42850583c85b59ffc2ae2b56ce607
cb2bb21705b9cce9781d02c9223f3344a65bd5314027d11c5a8518ad4bd84e84
d13863ae06b18099dc7df663460cf243033ad26e9d9673e206c457aeec45b1ba
d17ea7f38ba0acd5b1dfc4131655626a2353277fe99c97936765e4f6ae55a56c
d401e67c2deb51bbe05904960628e497e25ebfce6808ccbfef70c0632b415d7f
dd46b817054278b83168b3511bea90400f5cf687d930b64b817f02f567fd3fff
de13c07fe823e33712949cb7a8924d437167aa43c6fe03f7e18c9d38b778851b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ac132a6c9e42e1d9e5bedab82b186a06f40ca17afd1be4d3a11b736e17f809
e9ca065ac71d21cd53463b3f9ba791c4dbc131470af6fb05f3ec735965ad9ff9
ec57bb87aa08373685aaa811b45d0898dcf492d269192cbbbcaa318e2eb58d0e
eca17c5e10e24caa55225fc490c63cce6fd9cddfbbb44e5b676681e894b6ad25
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f530249dd1d5b8b1d23d7a2860924d2ceb88f9d2c9f7df785be17f3abb1c560b
fa2d499915cc9d27d3ed17f446d25a0fe5068ef7623e03f7ff274ca5cc20650b
faecabb33a8ca6b3a0a64150c8233b4a70a41b20b438f89a50630f35c483086c
fdb9b152429c9a7a63b6d16e25be5b2c6567d0b5224f35101488b75e6285566b