urlscan.io logo urlscan.io
SecurityTrails logo

credit.kohls.com Open in urlscan Pro
66.22.20.103  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://credit.kohls.com/home
Effective URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Submission: On April 10 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 24 HTTP transactions. The main IP is 66.22.20.103, located in United States and belongs to RADWARE-CLOUD-SERVICES, US. The main domain is credit.kohls.com. The Cisco Umbrella rank of the primary domain is 179939.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on June 2nd 2023. Valid for: a year.
This is the only time credit.kohls.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 10 66.22.20.103 25773 (RADWARE-C...)
13 2600:9000:237... 16509 (AMAZON-02)
1 2600:9000:26d... 16509 (AMAZON-02)
2 2a02:26f0:310... 20940 (AKAMAI-ASN1)
1 104.16.184.241 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
24 7
10    66.22.20.103 (United States)

ASN25773 (RADWARE-CLOUD-SERVICES, US)
credit.kohls.com
13    2600:9000:237d:1a00:0:ed0d:63c0:21 (United States)

ASN16509 (AMAZON-02, US)
d3ksttzjeov72n.cloudfront.net
1    2600:9000:26da:6800:1b:64b0:3080:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.firstdata.com
2    2a02:26f0:3100:795::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.go-mpulse.net
684dd32c.akstat.io
1    104.16.184.241 (None, )

ASN13335 (CLOUDFLARENET, US)
ipv4.icanhazip.com
2    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2a02:26f0:3500:998::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
c.go-mpulse.net
Apex Domain
Subdomains		 Transfer
13 cloudfront.net
d3ksttzjeov72n.cloudfront.net
780 KB
10 kohls.com
credit.kohls.com — Cisco Umbrella Rank: 179939
40 KB
2 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 268
1 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1982
c.go-mpulse.net — Cisco Umbrella Rank: 845
54 KB
1 akstat.io
684dd32c.akstat.io — Cisco Umbrella Rank: 94619
226 B
1 icanhazip.com
ipv4.icanhazip.com — Cisco Umbrella Rank: 11216
364 B
1 firstdata.com
cdn.firstdata.com — Cisco Umbrella Rank: 174241
49 KB
24 7
Domain Requested by
13 d3ksttzjeov72n.cloudfront.net credit.kohls.com
d3ksttzjeov72n.cloudfront.net
10 credit.kohls.com 6 redirects d3ksttzjeov72n.cloudfront.net
2 securepubads.g.doubleclick.net d3ksttzjeov72n.cloudfront.net
1 684dd32c.akstat.io s.go-mpulse.net
1 c.go-mpulse.net s.go-mpulse.net
1 ipv4.icanhazip.com d3ksttzjeov72n.cloudfront.net
1 s.go-mpulse.net credit.kohls.com
1 cdn.firstdata.com credit.kohls.com
24 8

This site contains links to these domains. Also see Links.

Domain
www.kohls.com
apply.kohls.com
Subject Issuer Validity Valid
credit.kohls.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-02 -
2024-07-02		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
cdn.firstdata.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-02 -
2024-06-24		 a year crt.sh
akstat.io
DigiCert TLS RSA SHA256 2020 CA1		 2024-03-06 -
2025-03-06		 a year crt.sh
icanhazip.com
E1		 2024-03-07 -
2024-06-05		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Frame ID: F037145ABCDAF02E6EB536E332CD952A
Requests: 22 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/3H6HN-HCW87-4HZF3-YWYL6-C7HHH
Frame ID: D46BF41E56FEF48D72B57E31ABC81F98
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

eCustomer Service

Page URL History Show full URLs

  1. https://credit.kohls.com/home HTTP 303
    https://credit.kohls.com/ecs/auth?cid=AAAA4151001 HTTP 301
    https://credit.kohls.com/ecs/auth/?cid=AAAA4151001 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • zip\.co
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

24
Requests

92 %
HTTPS

71 %
IPv6

7
Domains

8
Subdomains

7
IPs

3
Countries

918 kB
Transfer

2762 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://credit.kohls.com/home HTTP 303
    https://credit.kohls.com/ecs/auth?cid=AAAA4151001 HTTP 301
    https://credit.kohls.com/ecs/auth/?cid=AAAA4151001 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://credit.kohls.com/eCustService/onlineopinionV5/oo_tab_icon_retina.gif HTTP 301
  • https://credit.kohls.com/ HTTP 303
  • https://credit.kohls.com/ecs/auth?cid=AAAA4151001 HTTP 301
  • https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Request Chain 15
  • https://credit.kohls.com/favicon.ico HTTP 303
  • https://credit.kohls.com/404.html

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
credit.kohls.com/ecs/auth/
Redirect Chain
  • https://credit.kohls.com/home
  • https://credit.kohls.com/ecs/auth?cid=AAAA4151001
  • https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
4 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.22.20.103 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),
Reverse DNS
Software
/
Resource Hash
2c851d61e6b6d070cbf1e4fca2860db2c0827f8b3f648fde73904ea74280c8c8
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'unsafe-eval' 'nonce-M2RjOGMyNDMtYjYyNy00NDdkLTlhYTctYjIxMzk3MDYxNjNm'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
script-src 'strict-dynamic' 'unsafe-eval' 'nonce-M2RjOGMyNDMtYjYyNy00NDdkLTlhYTctYjIxMzk3MDYxNjNm'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Content-Type
text/html; charset=utf-8
Date
Wed, 10 Apr 2024 15:47:32 GMT
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=15552000; includeSubDomains max-age=31536000; includeSubDomains;
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff nosniff
X-DNS-Prefetch-Control
off
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN SAMEORIGIN
X-XSS-Protection
1; mode=block 1; mode=block
expires
-1d

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Security-Policy
default-src 'none'
Content-Type
text/html; charset=UTF-8
Date
Wed, 10 Apr 2024 15:47:32 GMT
Location
/ecs/auth/?cid=AAAA4151001
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=15552000; includeSubDomains max-age=31536000; includeSubDomains;
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff nosniff
X-DNS-Prefetch-Control
off
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN SAMEORIGIN
X-XSS-Protection
1; mode=block 1; mode=block
expires
-1d
bootstrap.min_4.6.0.css
d3ksttzjeov72n.cloudfront.net/assets/stylesheets/global/ 		156 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3ksttzjeov72n.cloudfront.net/assets/stylesheets/global/bootstrap.min_4.6.0.css
Requested by
Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:1a00:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
33bbfcb62d416e997c644430385e28227830e164193697c05cb8292f637ef3d4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://credit.kohls.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
qKHsUnnKFMZgAt9pGqwlddnt6MlR1sEr
content-encoding
br
via
1.1 a1d3f4e4f5c5940d2f1eea05f736c3ee.cloudfront.net (CloudFront)
date
Wed, 10 Apr 2024 15:47:33 GMT
last-modified
Thu, 08 Jun 2023 04:23:14 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
47796
x-amz-server-side-encryption
AES256
etag
W/"258faa3208373250ffe729418435d270"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
XQ6xZi9nquyOxdaxuK8zNV_PWbomrr7VDQz4iAIoPkrLMSH5vzQIWg==
fontawesome-all.min.css
cdn.firstdata.com/global/stylesheets/vendor/fontawesome-pro-5.0.12/css/ 		49 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.firstdata.com/global/stylesheets/vendor/fontawesome-pro-5.0.12/css/fontawesome-all.min.css
Requested by
Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:6800:1b:64b0:3080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
170f6f3bf935abdfb170ce0f871755db1fd5e473317c659b551fb542d02b2844

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://credit.kohls.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
z0BouNAw_Ue0nfki3a47GipUh4LG9Ovr
date
Wed, 10 Apr 2024 01:43:41 GMT
via
1.1 3a5ebe10b769db9444c2df2c2e8a76a8.cloudfront.net (CloudFront)
last-modified
Thu, 30 Apr 2020 21:40:09 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
age
50633
x-amz-server-side-encryption
AES256
etag
"fa458861897529425cdf08dffe6146a4"
x-cache
Hit from cloudfront
content-type
text/css
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
49945
x-amz-cf-id
cwtNQ2HmCMmLG0HjfqCKDqYtnuDEv2RGj13hIW43Lphr-UV54UgKnA==
published_main_13.css
d3ksttzjeov72n.cloudfront.net/ecs/banks/AAAA4151001/templates/cfi/ 		1 KB
825 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3ksttzjeov72n.cloudfront.net/ecs/banks/AAAA4151001/templates/cfi/published_main_13.css
Requested by
Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:1a00:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eef93a7ff6f4d0afdf9ad3bc39ee60a915732171d405e90032bf5ee8fe4a19aa

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://credit.kohls.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
qBmca3nvlJBew.nyV4JoTL4LZHwO7Bp_
content-encoding
br
via
1.1 a1d3f4e4f5c5940d2f1eea05f736c3ee.cloudfront.net (CloudFront)
date
Wed, 10 Apr 2024 05:27:18 GMT
last-modified
Fri, 30 Jul 2021 14:03:53 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
37216
x-amz-server-side-encryption
AES256
x-amz-meta-x-amz-meta-title
/ecs/banks/AAAA4151001/templates/cfi/saved_main.css
vary
Accept-Encoding
etag
W/"3427d8d110efae5852b0b0560554321e"
content-type
text/css
x-cache
Hit from cloudfront
x-amz-cf-id
afuLVVtpVMmhHJB0exbv3W8uHWcMzEBDWEj-UX7u4tfSZMYfp6H4CQ==
auth_styles.min.css
d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/ 		741 KB
123 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/auth_styles.min.css
Requested by
Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:1a00:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a5b17b74cd096238de6258647f657d617e70b47de248d17c30d5a5e2506e9b2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://credit.kohls.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
cmvzHvi1ef78MMCgjiAVE2yMt3yGPk5c
content-encoding
gzip
via
1.1 a1d3f4e4f5c5940d2f1eea05f736c3ee.cloudfront.net (CloudFront)
date
Wed, 10 Apr 2024 15:47:33 GMT
last-modified
Thu, 21 Mar 2024 06:39:45 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
37216
x-amz-server-side-encryption
AES256
etag
W/"3409f176cc52c33e4932747df37404d5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
EgKzflNJfB6gTo3nkbcp0AL8dPC3GLqY9Wp06TWDFdZQm0WE7xjh1A==
gpt.js
d3ksttzjeov72n.cloudfront.net/assets/scripts/ 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3ksttzjeov72n.cloudfront.net/assets/scripts/gpt.js
Requested by
Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:1a00:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
79ee555e21c245f869ad87378cfa18fa3899717bd824fa6d7ac94782bb986cd6

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://credit.kohls.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
O5EXxPNcFzi8QclwQ8BK2ng30c2ktO1.
content-encoding
br
via
1.1 a1d3f4e4f5c5940d2f1eea05f736c3ee.cloudfront.net (CloudFront)
date
Wed, 10 Apr 2024 15:47:33 GMT
last-modified
Thu, 21 Mar 2024 02:18:01 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
31956
x-amz-server-side-encryption
AES256
etag
W/"71390372a2d74a968e48dd4d0d65557c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
i8sx-Z2DiWpBgNVSJX-vj4rQf4NpLZctLkIUgWbmmB6g7A31voLtaQ==
auth-bundle.min.js
d3ksttzjeov72n.cloudfront.net/assets/scripts/ecs-auth-ui/ 		1006 KB
237 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3ksttzjeov72n.cloudfront.net/assets/scripts/ecs-auth-ui/auth-bundle.min.js
Requested by
Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:1a00:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7fddd8f83268a9244b128fed07bf30a79237cf3b2c0d467ce10662ac861f6c59

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://credit.kohls.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
O3.R_1I3GPy7NRtl22PbCtM0mWbZ8r_0
content-encoding
br
via
1.1 a1d3f4e4f5c5940d2f1eea05f736c3ee.cloudfront.net (CloudFront)
date
Wed, 10 Apr 2024 15:47:33 GMT
last-modified
Thu, 21 Mar 2024 06:39:45 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
25185
x-amz-server-side-encryption
AES256
etag
W/"3240646d77a70c6cef1f20d24b347402"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
bOJoDeDGvHSe2x3ZMobZNPx8yn7sPWQE_haDp5W9iMfqLSBtP_cZQw==
3H6HN-HCW87-4HZF3-YWYL6-C7HHH
s.go-mpulse.net/boomerang/ Frame D46B 		214 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/3H6HN-HCW87-4HZF3-YWYL6-C7HHH
Requested by
Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:795::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
aaa3677440f44dc9c11249cf6291644c13c1b0eeb7ba01325ed493178f7a10a6

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 15:47:33 GMT
content-encoding
br
last-modified
Thu, 21 Mar 2024 19:34:05 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
x-n
S
timing-allow-origin
*
content-length
53410
/
ipv4.icanhazip.com/ 		15 B
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipv4.icanhazip.com/
Requested by
Host: d3ksttzjeov72n.cloudfront.net
URL: https://d3ksttzjeov72n.cloudfront.net/assets/scripts/ecs-auth-ui/auth-bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.184.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
989ff3fdf379de6990436d8d8aa5a2663d2bf79da50d0fdd5d701a71346c3205

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://credit.kohls.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 15:47:33 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
cf-ray
8723e0458856be38-CPH
alt-svc
h3=":443"; ma=86400
content-length
15
OpenSans-Regular.ttf
d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/fonts/ 		94 KB
95 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/fonts/OpenSans-Regular.ttf
Requested by
Host: d3ksttzjeov72n.cloudfront.net
URL: https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/auth_styles.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:1a00:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
34ad67cfc362403e3baabe4ad0f4ef0b4b6b68e2f252dd703bbb1e10198188e2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/auth_styles.min.css
Origin
https://credit.kohls.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
bhMbwpUWcqLtDOgd1mfKPZUQKvETAjyX
date
Wed, 10 Apr 2024 15:47:33 GMT
via
1.1 da7d0e99d4b5322bc1c874b2af707374.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
age
1994
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
96428
last-modified
Thu, 11 Aug 2022 04:32:04 GMT
server
AmazonS3
etag
"5a798cdadc7cd321e3f72425b70bface"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://credit.kohls.com
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
Hc-T6KoQvHWY9jP3oDP3VlWwCMZCNHOpT002TSszcG4tiHCcP_WMTw==
OL_ENGINE.js
d3ksttzjeov72n.cloudfront.net/assets/scripts/ 		45 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3ksttzjeov72n.cloudfront.net/assets/scripts/OL_ENGINE.js
Requested by
Host: d3ksttzjeov72n.cloudfront.net
URL: https://d3ksttzjeov72n.cloudfront.net/assets/scripts/ecs-auth-ui/auth-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:1a00:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
26591f0e9074e03b9b45a60e9ad21b3ef6e9c182901903949a18e21b26759ff0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://credit.kohls.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
BEmKnWNl75lQFiNSVWXt0ioKe672fz.P
content-encoding
br
via
1.1 a1d3f4e4f5c5940d2f1eea05f736c3ee.cloudfront.net (CloudFront)
date
Wed, 10 Apr 2024 15:47:33 GMT
last-modified
Wed, 09 Jun 2021 19:39:37 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
5837
x-amz-server-side-encryption
AES256
etag
W/"baabad5b06edc9b1df65a8f29d3ffe5d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
efzpTYhjk0FUDlsU0ZfExQkWHw8TGyd0w5trmwMgIxHJ9LEC8x2wTg==
OL_CONF_INLINE.js
d3ksttzjeov72n.cloudfront.net/assets/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3ksttzjeov72n.cloudfront.net/assets/scripts/OL_CONF_INLINE.js
Requested by
Host: d3ksttzjeov72n.cloudfront.net
URL: https://d3ksttzjeov72n.cloudfront.net/assets/scripts/ecs-auth-ui/auth-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:1a00:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3739aaade6ba466c207142443cd08fb5c19481be06180bcf7da87291689cbfe

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://credit.kohls.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
5XI841_4pGVoFQ63A8UbHoqoM5f334jC
content-encoding
gzip
via
1.1 a1d3f4e4f5c5940d2f1eea05f736c3ee.cloudfront.net (CloudFront)
date
Wed, 10 Apr 2024 15:47:33 GMT
last-modified
Wed, 09 Jun 2021 19:39:34 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
47788
x-amz-server-side-encryption
AES256
etag
W/"530d4cdedab8e19176884727de612674"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
GC8i143B6ea3il4xKS93tDPqpyNmPcIqBqeUAR55jG6Xjd7IQB6V3g==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/ 		485 B
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js
Requested by
Host: d3ksttzjeov72n.cloudfront.net
URL: https://d3ksttzjeov72n.cloudfront.net/assets/scripts/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb8fac376f394b4154f901255a03e6d49fe4f094fb8959081209f600a932efe0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://credit.kohls.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 15:47:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
261
x-xss-protection
0
pragma
no-cache
server
cafe
etag
2983297436258324226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		135 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=credit.kohls.com
Requested by
Host: d3ksttzjeov72n.cloudfront.net
URL: https://d3ksttzjeov72n.cloudfront.net/assets/scripts/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b2c06b9c01c888e2d493446ed94fca45875968b64a95f2b3dbabfc69098bc4eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://credit.kohls.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 15:47:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80
x-xss-protection
0
expires
Wed, 10 Apr 2024 15:47:33 GMT
AAAA4151001
credit.kohls.com/ecs/auth/api/config/ 		93 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://credit.kohls.com/ecs/auth/api/config/AAAA4151001?language=en_US
Requested by
Host: d3ksttzjeov72n.cloudfront.net
URL: https://d3ksttzjeov72n.cloudfront.net/assets/scripts/ecs-auth-ui/auth-bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.22.20.103 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),
Reverse DNS
Software
/
Resource Hash
653f79422031c44f9ea6fd9af9a815b08a8d7ec8167dd6a1e94805daefc9b1b7
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'unsafe-eval' 'nonce-YjM1OTRjYjEtNDUyZi00NTUyLTk1MjQtM2UxMmU0ZjgzOTNl'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
activityDateTime
2024-04-10T17:47:33+02:00
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
ipAddress
193.32.248.225
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
preferredLanguage
EN
Accept
application/json, text/plain, */*
Referer
https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
script-src 'strict-dynamic' 'unsafe-eval' 'nonce-YjM1OTRjYjEtNDUyZi00NTUyLTk1MjQtM2UxMmU0ZjgzOTNl'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Date
Wed, 10 Apr 2024 15:47:33 GMT
X-Content-Type-Options
nosniff, nosniff
Strict-Transport-Security
max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
Content-Encoding
gzip
Transfer-Encoding
chunked
X-DNS-Prefetch-Control
off
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
ETag
W/"17315-qso9mpzV5uJLvoLCDefZw5xav7c"
X-Download-Options
noopen
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
application/json; charset=utf-8
Cache-Control
no-store, no-cache, no-store, must-revalidate
expires
-1d
/
credit.kohls.com/ecs/auth/
Redirect Chain
  • https://credit.kohls.com/eCustService/onlineopinionV5/oo_tab_icon_retina.gif
  • https://credit.kohls.com/
  • https://credit.kohls.com/ecs/auth?cid=AAAA4151001
  • https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol
HTTP/1.1
Server
66.22.20.103 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'unsafe-eval' 'nonce-MGQ0ZGE4NzYtM2I4NC00NzcwLTg4YTctOGE2NGQxY2Y2MDcz'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Security-Policy
script-src 'strict-dynamic' 'unsafe-eval' 'nonce-MGQ0ZGE4NzYtM2I4NC00NzcwLTg4YTctOGE2NGQxY2Y2MDcz'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Date
Wed, 10 Apr 2024 15:47:34 GMT
X-Content-Type-Options
nosniff, nosniff
Strict-Transport-Security
max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
Content-Encoding
gzip
Transfer-Encoding
chunked
X-DNS-Prefetch-Control
off
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
X-Download-Options
noopen
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
text/html; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate
expires
-1d

Redirect headers

Content-Security-Policy
default-src 'none'
Date
Wed, 10 Apr 2024 15:47:34 GMT
X-Content-Type-Options
nosniff, nosniff
Strict-Transport-Security
max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
Transfer-Encoding
chunked
X-DNS-Prefetch-Control
off
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
X-Download-Options
noopen
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
text/html; charset=UTF-8
Location
/ecs/auth/?cid=AAAA4151001
Cache-Control
no-cache, no-store, must-revalidate
expires
-1d
404.html
credit.kohls.com/
Redirect Chain
  • https://credit.kohls.com/favicon.ico
  • https://credit.kohls.com/404.html
3 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://credit.kohls.com/404.html
Protocol
HTTP/1.1
Server
66.22.20.103 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),
Reverse DNS
Software
/
Resource Hash
534bd2ec5c1584cfa0074ded7d85848e34216a729149e88dab87fadf54b79287
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; base-uri 'self'; script-src 'nonce-Nf75/X9DNKqvzElAMCoC3g==' 'self' 'unsafe-inline' 'strict-dynamic' 'unsafe-eval' https://cdn.firstdata.com https://d1kjcdrfrq03t3.cloudfront.net http://d3ksttzjeov72n.cloudfront.net/ https://js-cdn.dynatrace.com https://cs.kohls.com https://kohlsecommerce.com https://s.go-mpulse.net https://tags.tiqcdn.com https://assets.adobedtm.com https://www.googletagservices.com https://securepubads.g.doubleclick.net https://tpc.googlesyndication.com kohls.ada.support static.ada.support previews.ada.support ws-mt1.pusher.com https://maps.googleapis.com https://maps.gstatic.com; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'; base-uri 'self'; script-src 'nonce-Nf75/X9DNKqvzElAMCoC3g==' 'self' 'unsafe-inline' 'strict-dynamic' 'unsafe-eval' https://cdn.firstdata.com https://d1kjcdrfrq03t3.cloudfront.net http://d3ksttzjeov72n.cloudfront.net/ https://js-cdn.dynatrace.com https://cs.kohls.com https://kohlsecommerce.com https://s.go-mpulse.net https://tags.tiqcdn.com https://assets.adobedtm.com https://www.googletagservices.com https://securepubads.g.doubleclick.net https://tpc.googlesyndication.com kohls.ada.support static.ada.support previews.ada.support ws-mt1.pusher.com https://maps.googleapis.com https://maps.gstatic.com; object-src 'none'
Date
Wed, 10 Apr 2024 15:47:34 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains;
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-REQUEST-ID
522bfb93-8737-4601-9eb3-6b98ab9182a4
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Vary
Accept-Encoding,Origin
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate
expires
-1d

Redirect headers

Pragma
no-cache
Content-Security-Policy
frame-ancestors 'self'; base-uri 'self'; script-src 'nonce-Tsq938RCSQ+YygQNom+csA==' 'self' 'unsafe-inline' 'strict-dynamic' 'unsafe-eval' https://cdn.firstdata.com https://d1kjcdrfrq03t3.cloudfront.net http://d3ksttzjeov72n.cloudfront.net/ https://js-cdn.dynatrace.com https://cs.kohls.com https://kohlsecommerce.com https://s.go-mpulse.net https://tags.tiqcdn.com https://assets.adobedtm.com https://www.googletagservices.com https://securepubads.g.doubleclick.net https://tpc.googlesyndication.com kohls.ada.support static.ada.support previews.ada.support ws-mt1.pusher.com https://maps.googleapis.com https://maps.gstatic.com; object-src 'none'
Date
Wed, 10 Apr 2024 15:47:33 GMT
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains;
X-Content-Type-Options
nosniff
Vary
Origin
X-Frame-Options
SAMEORIGIN
Location
/404.html
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
X-REQUEST-ID
556eb3db-2e99-4e59-aced-6a263d03d555
expires
-1d
OpenSans-SemiBold.ttf
d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/fonts/ 		98 KB
99 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/fonts/OpenSans-SemiBold.ttf
Requested by
Host: d3ksttzjeov72n.cloudfront.net
URL: https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/auth_styles.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:1a00:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c729fb9e9113b95da37edd1ee95a983d22c46b646fc2427641943ecd3b86e104

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/auth_styles.min.css
Origin
https://credit.kohls.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
EVuKfqftIUSq8D4VCw1jTX1jQKm5r5_K
date
Wed, 10 Apr 2024 15:47:33 GMT
via
1.1 da7d0e99d4b5322bc1c874b2af707374.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
age
1994
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
100256
last-modified
Thu, 11 Aug 2022 04:32:08 GMT
server
AmazonS3
etag
"096d8c73bb18e4328284f25138b47ac6"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://credit.kohls.com
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
KMviS507ltEd5rfnRZwtVjQSwoeDMXUOC-d25_NivwzD3shnYRKxyg==
OpenSans-Bold.ttf
d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/fonts/ 		101 KB
102 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/fonts/OpenSans-Bold.ttf
Requested by
Host: d3ksttzjeov72n.cloudfront.net
URL: https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/auth_styles.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:1a00:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7a41b04969454dfbe620bfbc7699647b2819d768374b3f0f90a714a0d80b199

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/auth_styles.min.css
Origin
https://credit.kohls.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
nUKUekj8ArdJHhoBL0vGfyN1uodHat23
date
Wed, 10 Apr 2024 15:47:33 GMT
via
1.1 da7d0e99d4b5322bc1c874b2af707374.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
age
1994
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
103616
last-modified
Thu, 11 Aug 2022 04:31:43 GMT
server
AmazonS3
etag
"0062c34665a3fc0f2278cd4e955702ec"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://credit.kohls.com
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
3bmGsYf1dq4UfwSGGQIH68OjbI8AFsc-nWPuwexM6DSb-ilsHFr3SA==
LandingPage_Marketing_Image_2021-01-27T12:06:50.899Z.png
d3ksttzjeov72n.cloudfront.net/ecs/banks/AAAA4151001/images/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3ksttzjeov72n.cloudfront.net/ecs/banks/AAAA4151001/images/LandingPage_Marketing_Image_2021-01-27T12:06:50.899Z.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:1a00:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eaffa853efb6e9eefd32e06a2f07bd2424fdf8fe23eec828610b8f5d61b2ef49

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://credit.kohls.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
OoGFlH5pOQnYl1Y8oka0OwHtpKMYun4T
date
Tue, 09 Apr 2024 19:42:24 GMT
via
1.1 a1d3f4e4f5c5940d2f1eea05f736c3ee.cloudfront.net (CloudFront)
last-modified
Thu, 08 Apr 2021 04:57:51 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
72310
x-amz-server-side-encryption
AES256
etag
"d3ef2a1238f2c7a80fe17f03f277aacb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
54955
x-amz-cf-id
6Cl-WgfhuufOsZnFOWJtTZINda1FkFqPkBOtQXg7QecswwSMnJEt7w==
not-visible.svg
d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/images/ 		992 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/images/not-visible.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:1a00:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bcf45c12e41f8d9b2dd5bd5c3088ce0b89f9679fabff8b1f94170b25ca1c2634

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://credit.kohls.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
tQeT04l3xpkhZn0F0CCDj1tkPm_onaXR
date
Tue, 09 Apr 2024 19:21:33 GMT
via
1.1 a1d3f4e4f5c5940d2f1eea05f736c3ee.cloudfront.net (CloudFront)
last-modified
Thu, 11 Aug 2022 04:37:06 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
73561
x-amz-server-side-encryption
AES256
etag
"6fce3ff9699a8ccf4c184be7b2ae8e9b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
992
x-amz-cf-id
5ArCMzihQUynaOY45_CE7iF1NGDGzv13-FS_uzzkzSTyCq1kATjG7Q==
LandingPage_Logo_Image_2020-12-01T20:33:03.919Z.jpeg
d3ksttzjeov72n.cloudfront.net/ecs/banks/AAAA4151001/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3ksttzjeov72n.cloudfront.net/ecs/banks/AAAA4151001/images/LandingPage_Logo_Image_2020-12-01T20:33:03.919Z.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:1a00:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ae893461bc00dc0c85f1e4b60b5059f9cf9fef356cd8c104c9aa8ebf3a1cb66c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://credit.kohls.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
NhqLAlKuOQnJQapzoCD0jNza90AjFrK6
date
Wed, 10 Apr 2024 15:47:33 GMT
via
1.1 a1d3f4e4f5c5940d2f1eea05f736c3ee.cloudfront.net (CloudFront)
last-modified
Thu, 08 Apr 2021 04:57:53 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
44892
x-amz-server-side-encryption
AES256
etag
"05406680debd225230e676efede11868"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
6032
x-amz-cf-id
NGkKKXgclZ2rYl6dKFmF4OiBwiDhk8tiI5mlWWow7e_Fz9ChXy1R7g==
config.json
c.go-mpulse.net/api/ Frame D46B 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=3H6HN-HCW87-4HZF3-YWYL6-C7HHH&d=credit.kohls.com&t=5709214&v=1.792.0&if=&sl=0&si=1693a045-3376-4ce2-af60-f0d9ba39184a-sbqh78&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,BFCache,LOGN&acao=
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/3H6HN-HCW87-4HZF3-YWYL6-C7HHH
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:998::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c343b3749d85ec33e9924304055c4711a8c5cf90c1c8d4af82c4976b8a649d53

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 15:47:34 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=60, stale-if-error=120
timing-allow-origin
*
alt-svc
h3=":443"; ma=93600
content-length
1053
/
684dd32c.akstat.io/ 		0
226 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://684dd32c.akstat.io/
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/3H6HN-HCW87-4HZF3-YWYL6-C7HHH
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:795::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://credit.kohls.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 10 Apr 2024 15:47:35 GMT
content-type
image/gif
access-control-allow-origin
https://credit.kohls.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=93600
x-xss-protection
0
expires
Wed, 10 Apr 2024 15:47:35 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| digitalData string| environment object| GLOBAL_VARIABLES object| googletag number| BOOMR_lstart object| ggeac object| google_tag_data object| google_js_reporting_queue object| OOo number| BOOMR_onload function| startFeedback object| BOOMR object| BOOMR_mq number| BOOMR_configt

7 Cookies

Domain/Path Name / Value
credit.kohls.com/ Name: __uzma
Value: ce8b3f7d-376f-40d2-be67-cf6794492511
credit.kohls.com/ Name: __uzmb
Value: 1712764052
credit.kohls.com/ Name: __uzme
Value: 5023
credit.kohls.com/ Name: clientId
Value: AAAA4151001
credit.kohls.com/ Name: __uzmd
Value: 1712764054
credit.kohls.com/ Name: __uzmc
Value: 100682899594
.credit.kohls.com/ Name: RT
Value: "z=1&dm=credit.kohls.com&si=ea94a002-6dc8-48d6-ac52-c1611ff273db&ss=lutzhsmk&sl=1&tt=188&bcn=%2F%2F684dd32c.akstat.io%2F&ld=2d3"

2 Console Messages

Source Level URL
Text
security error URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001(Line 54)
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'strict-dynamic' 'unsafe-eval' 'nonce-M2RjOGMyNDMtYjYyNy00NDdkLTlhYTctYjIxMzk3MDYxNjNm'". Either the 'unsafe-inline' keyword, a hash ('sha256-hW30MYULqkA0RuHkMjtsVnH1QwCOK4fZsfvhfoAyFY8='), or a nonce ('nonce-...') is required to enable inline execution.
security error URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001(Line 54)
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'strict-dynamic' 'unsafe-eval' 'nonce-M2RjOGMyNDMtYjYyNy00NDdkLTlhYTctYjIxMzk3MDYxNjNm'". Either the 'unsafe-inline' keyword, a hash ('sha256-G7peGWkII6PET/S8vDqf93wQvsP+xol5VEup9FTtx1E='), or a nonce ('nonce-...') is required to enable inline execution.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'strict-dynamic' 'unsafe-eval' 'nonce-M2RjOGMyNDMtYjYyNy00NDdkLTlhYTctYjIxMzk3MDYxNjNm'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

684dd32c.akstat.io
c.go-mpulse.net
cdn.firstdata.com
credit.kohls.com
d3ksttzjeov72n.cloudfront.net
ipv4.icanhazip.com
s.go-mpulse.net
securepubads.g.doubleclick.net
104.16.184.241
2600:9000:237d:1a00:0:ed0d:63c0:21
2600:9000:26da:6800:1b:64b0:3080:93a1
2a00:1450:4001:80f::2002
2a02:26f0:3100:795::11a6
2a02:26f0:3500:998::11a6
66.22.20.103
170f6f3bf935abdfb170ce0f871755db1fd5e473317c659b551fb542d02b2844
26591f0e9074e03b9b45a60e9ad21b3ef6e9c182901903949a18e21b26759ff0
2a5b17b74cd096238de6258647f657d617e70b47de248d17c30d5a5e2506e9b2
2c851d61e6b6d070cbf1e4fca2860db2c0827f8b3f648fde73904ea74280c8c8
33bbfcb62d416e997c644430385e28227830e164193697c05cb8292f637ef3d4
34ad67cfc362403e3baabe4ad0f4ef0b4b6b68e2f252dd703bbb1e10198188e2
534bd2ec5c1584cfa0074ded7d85848e34216a729149e88dab87fadf54b79287
653f79422031c44f9ea6fd9af9a815b08a8d7ec8167dd6a1e94805daefc9b1b7
79ee555e21c245f869ad87378cfa18fa3899717bd824fa6d7ac94782bb986cd6
7fddd8f83268a9244b128fed07bf30a79237cf3b2c0d467ce10662ac861f6c59
989ff3fdf379de6990436d8d8aa5a2663d2bf79da50d0fdd5d701a71346c3205
a7a41b04969454dfbe620bfbc7699647b2819d768374b3f0f90a714a0d80b199
aaa3677440f44dc9c11249cf6291644c13c1b0eeb7ba01325ed493178f7a10a6
ae893461bc00dc0c85f1e4b60b5059f9cf9fef356cd8c104c9aa8ebf3a1cb66c
b2c06b9c01c888e2d493446ed94fca45875968b64a95f2b3dbabfc69098bc4eb
bcf45c12e41f8d9b2dd5bd5c3088ce0b89f9679fabff8b1f94170b25ca1c2634
c343b3749d85ec33e9924304055c4711a8c5cf90c1c8d4af82c4976b8a649d53
c729fb9e9113b95da37edd1ee95a983d22c46b646fc2427641943ecd3b86e104
cb8fac376f394b4154f901255a03e6d49fe4f094fb8959081209f600a932efe0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaffa853efb6e9eefd32e06a2f07bd2424fdf8fe23eec828610b8f5d61b2ef49
eef93a7ff6f4d0afdf9ad3bc39ee60a915732171d405e90032bf5ee8fe4a19aa
f3739aaade6ba466c207142443cd08fb5c19481be06180bcf7da87291689cbfe