Submitted URL: https://gr-uatv1.cxtrvl.com/login?returnUrl=%2FReviewAndBook
Effective URL: https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
Submission: On April 20 via manual from US

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 25 HTTP transactions. The main IP is 159.127.185.22, located in United States and belongs to EPSILON-INTERACTIVE, US. The main domain is uat.cbgrus.uatglobalrewards.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on October 19th 2018. Valid for: 2 years.
This is the only time uat.cbgrus.uatglobalrewards.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 216.68.192.241 6181 (FUSE-NET)
2 4 159.127.185.22 19137 (EPSILON-I...)
11 163.171.128.148 54994 (QUANTILNE...)
7 18.195.42.228 16509 (AMAZON-02)
2 151.101.14.133 54113 (FASTLY)
1 2 15.188.31.119 16509 (AMAZON-02)
1 151.101.113.175 54113 (FASTLY)
1 35.241.45.82 15169 (GOOGLE)
25 7
Domain Requested by
11 uat.cbgrus.staticcontent.uatglobalrewards.com uat.cbgrus.uatglobalrewards.com
7 nexus.ensighten.com uat.cbgrus.uatglobalrewards.com
nexus.ensighten.com
4 uat.cbgrus.uatglobalrewards.com 2 redirects uat.cbgrus.uatglobalrewards.com
2 metrics1.citibank.com 1 redirects uat.cbgrus.uatglobalrewards.com
2 resources.digital-cloud-citi.medallia.com nexus.ensighten.com
resources.digital-cloud-citi.medallia.com
2 gr-uatv1.cxtrvl.com 2 redirects
1 udc-neb.kampyle.com
1 nebula-cdn.kampyle.com resources.digital-cloud-citi.medallia.com
25 8

This site contains no links.

Subject | Issuer | Validity | Valid
*.cbgrus.uatglobalrewards.com | Entrust Certification Authority - L1K | 2018-10-19 - 2020-10-01 | 2 years
support5.cdnetworks.net | DigiCert SHA2 High Assurance Server CA | 2019-11-01 - 2020-07-02 | 8 months
nexus.ensighten.com | DigiCert SHA2 Secure Server CA | 2019-10-03 - 2020-10-02 | a year
*.digital-cloud-citi.medallia.com | SSL.com DV CA | 2018-11-13 - 2020-11-12 | 2 years
metrics1.citibank.com | DigiCert SHA2 High Assurance Server CA | 2020-01-20 - 2021-04-22 | a year
j.ssl.fastly.net | GlobalSign Organization Validation CA - SHA256 - G2 | 2020-02-28 - 2020-06-11 | 3 months
*.kampyle.com | RapidSSL RSA CA 2018 | 2020-02-11 - 2022-03-06 | 2 years

This page contains 1 frames:

Primary Page: https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
Frame ID: 32E0B5C9CB0285BB33D4BFF1C9FCA813
Requests: 25 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/\/nexus\.ensighten\.com\//i

Page Statistics

  • Requests: 25
  • HTTPS: 100 %
  • IPv6: 0 %
  • Domains: 6
  • Subdomains: 8
  • IPs: 7
  • Countries: 4
  • Transfer: 613 kB
  • Size: 2278 kB
  • Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://gr-uatv1.cxtrvl.com/login?returnUrl=%2FReviewAndBook HTTP 302
    https://gr-uatv1.cxtrvl.com/SH/Handlers/ReceptionDesk.ashx HTTP 302
    https://uat.cbgrus.uatglobalrewards.com/loginSeamless.htm?partnerCode=FV_GRCLTS&sessionState=L&relayState=https://gr-uatv1.cxtrvl.com/SH/Handlers/ReceptionDesk.ashx HTTP 302
    http://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false HTTP 302
    https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://metrics1.citibank.com/b/ss/citicitigrdev/1/H.27.5/s11493055962770?AQB=1&ndh=1&t=20%2F3%2F2020%2017%3A36%3A34%201%20-120&fid=6431471749E835B6-2EAE2F9D87A2AAF2&ce=UTF-8&ns=citinaconsumer&pageName=GR%3Alogin&g=https%3A%2F%2Fuat.cbgrus.uatglobalrewards.com%2Flogin.htm%3FautoLoginPossible%3Dfalse&cc=USD&server=uat.cbgrus.uatglobalrewards.com&events=event9&v15=11%3A30AM&v16=Monday&v31=New&v32=1&c64=New&c65=1&c66=11%3A30AM&c67=Monday&c74=https%3A%2F%2Fuat.cbgrus.uatglobalrewards.com%2Flogin.htm%3FautoLoginPossible%3Dfalse&c75=Citi%20GR%20s_code%20v12.0%20-%202016-DEC-22%20%7C%20SC%20Base%20Code%20H.27.5&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
  • https://metrics1.citibank.com/b/ss/citicitigrdev/1/H.27.5/s11493055962770?AQB=1&pccr=true&vidn=2F4EE0C10515EE43-4000081F71BC191C&ndh=1&t=20%2F3%2F2020%2017%3A36%3A34%201%20-120&fid=6431471749E835B6-2EAE2F9D87A2AAF2&ce=UTF-8&ns=citinaconsumer&pageName=GR%3Alogin&g=https%3A%2F%2Fuat.cbgrus.uatglobalrewards.com%2Flogin.htm%3FautoLoginPossible%3Dfalse&cc=USD&server=uat.cbgrus.uatglobalrewards.com&events=event9&v15=11%3A30AM&v16=Monday&v31=New&v32=1&c64=New&c65=1&c66=11%3A30AM&c67=Monday&c74=https%3A%2F%2Fuat.cbgrus.uatglobalrewards.com%2Flogin.htm%3FautoLoginPossible%3Dfalse&c75=Citi%20GR%20s_code%20v12.0%20-%202016-DEC-22%20%7C%20SC%20Base%20Code%20H.27.5&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

25 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request login.htm
uat.cbgrus.uatglobalrewards.com/
Redirect Chain
  • https://gr-uatv1.cxtrvl.com/login?returnUrl=%2FReviewAndBook
  • https://gr-uatv1.cxtrvl.com/SH/Handlers/ReceptionDesk.ashx
  • https://uat.cbgrus.uatglobalrewards.com/loginSeamless.htm?partnerCode=FV_GRCLTS&sessionState=L&relayState=https://gr-uatv1.cxtrvl.com/SH/Handlers/ReceptionDesk.ashx
  • http://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
  • https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
50 KB
51 KB
Document
General
Full URL
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.127.185.22 , United States, ASN19137 (EPSILON-INTERACTIVE, US),
Reverse DNS
Software
/
Resource Hash
628747dcceee836c492f6dd94e1fd5e3a270c490776f9ae32ee10c42a7a2f960
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
uat.cbgrus.uatglobalrewards.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CSESSIONID=fb863595f92a49949874535d64219d104599ab5c7ea888fb9895!1241348613

Response headers

Date
Mon, 20 Apr 2020 15:36:33 GMT
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
X-FRAME-OPTIONS
SAMEORIGIN
Content-Language
co-SPA

Redirect headers

Location
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
Server
BigIP
Connection
Keep-Alive
Content-Length
0
Ensighten_Bootstrap_GR.js
uat.cbgrus.uatglobalrewards.com///cms/js/citirewards/
1 KB
638 B
Script
General
Full URL
https://uat.cbgrus.uatglobalrewards.com///cms/js/citirewards/Ensighten_Bootstrap_GR.js
Requested by
Host: uat.cbgrus.uatglobalrewards.com
URL: https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.127.185.22 , United States, ASN19137 (EPSILON-INTERACTIVE, US),
Reverse DNS
Software
/
Resource Hash
ec9f0dea1200b826bd8f8960cc9ecd5531f9d5215f3576b9cf579f825aaa46d5

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 15:36:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Oct 2018 13:52:38 GMT
Accept-Ranges
bytes
Transfer-Encoding
chunked
Content-Type
text/javascript
main.css
uat.cbgrus.staticcontent.uatglobalrewards.com//css/
418 KB
86 KB
Stylesheet
General
Full URL
https://uat.cbgrus.staticcontent.uatglobalrewards.com//css/main.css
Requested by
Host: uat.cbgrus.uatglobalrewards.com
URL: https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
65196736be2a58fbd32d09de221e449e0d4395558c3597f8c9f72cbba15aa353

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 15:36:33 GMT
Via
1.1 PSdgflkfFRA1ox201:9 (W), 1.1 PSdgflkfFRA1gd96:15 (W)
Last-Modified
Thu, 27 Feb 2020 21:16:26 GMT
Server
PWS/8.3.1.0.8
X-Ws-Request-Id
5e9dc181_PSdgflkfFRA1gi9_31406-14914
Content-Type
text/css
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Content-Encoding
gzip
main_v2.css
uat.cbgrus.staticcontent.uatglobalrewards.com//css/
37 KB
6 KB
Stylesheet
General
Full URL
https://uat.cbgrus.staticcontent.uatglobalrewards.com//css/main_v2.css
Requested by
Host: uat.cbgrus.uatglobalrewards.com
URL: https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
966f52d6ec3b2b1a88bbc8e3f7c84c58860c9db1e360b56e370eb522268ebbe6

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 15:36:33 GMT
Via
1.1 PSdgflkfFRA1bc200:9 (W), 1.1 PSdgflkfFRA1gd96:5 (W)
Last-Modified
Thu, 27 Feb 2020 21:16:26 GMT
Server
PWS/8.3.1.0.8
X-Ws-Request-Id
5e9dc181_PSdgflkfFRA1gd9_13349-16391
Content-Type
text/css
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Content-Encoding
gzip
citi-logo-simple.png
uat.cbgrus.staticcontent.uatglobalrewards.com//images/global/
4 KB
5 KB
Image
General
Full URL
https://uat.cbgrus.staticcontent.uatglobalrewards.com//images/global/citi-logo-simple.png
Requested by
Host: uat.cbgrus.uatglobalrewards.com
URL: https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
8c65590d3282958dd508970eef5ff93cbab5467fce38c7f3c825d54b729d4c51

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 15:36:33 GMT
Via
1.1 PSdgflkfFRA1ox201:1 (W), 1.1 PSdgflkfFRA1je97:14 (W)
Last-Modified
Thu, 27 Feb 2020 21:16:28 GMT
Server
PWS/8.3.1.0.8
X-Ws-Request-Id
5e9dc181_PSdgflkfFRA1gd9_13349-16414
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4515
hero.jpg
uat.cbgrus.staticcontent.uatglobalrewards.com//images/country-selector/
78 KB
78 KB
Image
General
Full URL
https://uat.cbgrus.staticcontent.uatglobalrewards.com//images/country-selector/hero.jpg
Requested by
Host: uat.cbgrus.uatglobalrewards.com
URL: https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
a581be6dc09b0a3f337f1243178b3f23442a732b946bf46d4e73b4f2282e1c30

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 15:36:33 GMT
Via
1.1 PSdgflkfFRA1hb199:10 (W), 1.1 PSdgflkfFRA1gi91:5 (W)
Last-Modified
Thu, 27 Feb 2020 21:16:28 GMT
Server
PWS/8.3.1.0.8
X-Ws-Request-Id
5e9dc181_PSdgflkfFRA1gi9_31406-14939
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
80010
citi-logo-small.jpg
uat.cbgrus.staticcontent.uatglobalrewards.com//images/global/
2 KB
2 KB
Image
General
Full URL
https://uat.cbgrus.staticcontent.uatglobalrewards.com//images/global/citi-logo-small.jpg
Requested by
Host: uat.cbgrus.uatglobalrewards.com
URL: https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
fa81dd9432fd4c0a723b860e8b98d5b2f32ad857cec5ffc033fb66a05e1c4191

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 15:36:33 GMT
Via
1.1 PSdgflkfFRA1ox201:7 (W), 1.1 PSdgflkfFRA1yq93:13 (W)
Last-Modified
Thu, 27 Feb 2020 21:16:28 GMT
Server
PWS/8.3.1.0.8
X-Ws-Request-Id
5e9dc181_PSdgflkfFRA1gd9_13349-16416
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2046
main-epsilon.js
uat.cbgrus.staticcontent.uatglobalrewards.com//js/
1 MB
215 KB
Script
General
Full URL
https://uat.cbgrus.staticcontent.uatglobalrewards.com//js/main-epsilon.js
Requested by
Host: uat.cbgrus.uatglobalrewards.com
URL: https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
7d7b29c8d8264c38e82688db13872f0aadaf063a5d3425eadaf6cba2f9d67343

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 15:36:33 GMT
Via
1.1 PSdgflkfFRA1ox201:0 (W), 1.1 PSdgflkfFRA1vg90:0 (W)
Last-Modified
Thu, 27 Feb 2020 21:16:34 GMT
Server
PWS/8.3.1.0.8
X-Ws-Request-Id
5e9dc181_PSdgflkfFRA1gi9_31406-14923
Content-Type
application/javascript
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Content-Encoding
gzip
siteFunctions.js
uat.cbgrus.staticcontent.uatglobalrewards.com//cms/js/citirewards/
65 B
443 B
Script
General
Full URL
https://uat.cbgrus.staticcontent.uatglobalrewards.com//cms/js/citirewards/siteFunctions.js
Requested by
Host: uat.cbgrus.uatglobalrewards.com
URL: https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
b166f4071e75041554157224633fb4e00cb1710fda4e7a5d5c0512fbcbebb130

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 15:36:33 GMT
Via
1.1 PSdgflkfFRA1hb199:0 (W), 1.1 PSdgflkfFRA1yq93:15 (W)
Last-Modified
Thu, 05 Sep 2019 14:42:06 GMT
Server
PWS/8.3.1.0.8
X-Ws-Request-Id
5e9dc181_PSdgflkfFRA1gi9_31406-14931
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
65
sonar.js
uat.cbgrus.staticcontent.uatglobalrewards.com//js/
4 KB
2 KB
Script
General
Full URL
https://uat.cbgrus.staticcontent.uatglobalrewards.com//js/sonar.js
Requested by
Host: uat.cbgrus.uatglobalrewards.com
URL: https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
39806d3594b69c82ba33bc1100e512eb803bc9c96b1ebd1fee6ae938ab34dfa0

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 15:36:33 GMT
Via
1.1 PSdgflkfFRA1bc200:10 (W), 1.1 PSdgflkfFRA1je97:13 (W)
Last-Modified
Thu, 27 Feb 2020 21:16:34 GMT
Server
PWS/8.3.1.0.8
X-Ws-Request-Id
5e9dc181_PSdgflkfFRA1gi9_31406-14934
Content-Type
application/javascript
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Content-Encoding
gzip
Bootstrap.js
nexus.ensighten.com/citi/grdev/
52 KB
16 KB
Script
General
Full URL
https://nexus.ensighten.com/citi/grdev/Bootstrap.js
Requested by
Host: uat.cbgrus.uatglobalrewards.com
URL: https://uat.cbgrus.uatglobalrewards.com///cms/js/citirewards/Ensighten_Bootstrap_GR.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
05b58425ba7914a36bdbd5499edc51cb67943b340a74766b36141aac09191161

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 15:36:33 GMT
content-encoding
gzip
last-modified
Fri, 11 Oct 2019 15:06:21 GMT
server
nginx
etag
W/"5da09a6d-d17e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=300
print.css
uat.cbgrus.staticcontent.uatglobalrewards.com//css/
2 KB
1 KB
Stylesheet
General
Full URL
https://uat.cbgrus.staticcontent.uatglobalrewards.com//css/print.css
Requested by
Host: uat.cbgrus.uatglobalrewards.com
URL: https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
8494b6fb9ff3020b76208a45986be7fda6c2eb30cb00818925d8d4386974311c

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 15:36:33 GMT
Via
1.1 PSdgflkfFRA1hb199:4 (W), 1.1 PSdgflkfFRA1gi91:10 (W)
Last-Modified
Thu, 27 Feb 2020 21:16:26 GMT
Server
PWS/8.3.1.0.8
X-Ws-Request-Id
5e9dc181_PSdgflkfFRA1gi9_31457-24980
Content-Type
text/css
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Content-Encoding
gzip
nav_arrow_right_blue.gif
uat.cbgrus.staticcontent.uatglobalrewards.com//css/images/
49 B
413 B
Image
General
Full URL
https://uat.cbgrus.staticcontent.uatglobalrewards.com//css/images/nav_arrow_right_blue.gif
Requested by
Host: uat.cbgrus.uatglobalrewards.com
URL: https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
77f9361be6de28ebbb3877ccb5cf43aab09f3060df3d2c1cca1fc01982370d0c

Request headers

Referer
https://uat.cbgrus.staticcontent.uatglobalrewards.com//css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 15:36:33 GMT
Via
1.1 PSdgflkfFRA1bc200:9 (W), 1.1 PSdgflkfFRA1je97:8 (W)
Last-Modified
Thu, 27 Feb 2020 21:16:26 GMT
Server
PWS/8.3.1.0.8
X-Ws-Request-Id
5e9dc181_PSdgflkfFRA1gi9_31406-14944
Content-Type
image/gif
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
49
InterstateLight.woff
uat.cbgrus.staticcontent.uatglobalrewards.com//css/fonts/
54 KB
54 KB
Font
General
Full URL
https://uat.cbgrus.staticcontent.uatglobalrewards.com//css/fonts/InterstateLight.woff
Requested by
Host: uat.cbgrus.uatglobalrewards.com
URL: https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
999fac345480d395a3a7c56894375d1faaab3cb81154c3e449251de9e09c7051

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://uat.cbgrus.staticcontent.uatglobalrewards.com//css/main.css
Origin
https://uat.cbgrus.uatglobalrewards.com

Response headers

Date
Mon, 20 Apr 2020 15:36:33 GMT
Via
1.1 PSdgflkfFRA1ox201:5 (W), 1.1 PSdgflkfFRA1yq93:14 (W)
Last-Modified
Thu, 27 Feb 2020 21:16:26 GMT
Server
PWS/8.3.1.0.8
X-Ws-Request-Id
5e9dc181_PSdgflkfFRA1gd9_13190-50534
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
54992
serverComponent.php
nexus.ensighten.com/citi/grdev/
379 B
521 B
Script
General
Full URL
https://nexus.ensighten.com/citi/grdev/serverComponent.php?r=5671827.76676286&ClientID=1129&PageID=https%3A%2F%2Fuat.cbgrus.uatglobalrewards.com%2Flogin.htm%3FautoLoginPossible%3Dfalse
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/grdev/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
284c989ff9cad678129eac1b001f8803860c36e404155d10b613ca29e6a07677

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 20 Apr 2020 15:36:34 GMT
cache-control
no-cache, no-store
server
nginx
content-type
text/javascript
content-length
379
expires
Mon, 20 Apr 2020 15:36:33 GMT
37143405083e8f6747f0f325d744066b.js
nexus.ensighten.com/citi/grdev/code/
80 KB
25 KB
Script
General
Full URL
https://nexus.ensighten.com/citi/grdev/code/37143405083e8f6747f0f325d744066b.js?conditionId0=421908
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/grdev/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
19ecb2a16d665037dae6a321e264d558551a0b0835de2f2595af1dcda536d188

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 15:36:34 GMT
content-encoding
gzip
last-modified
Fri, 11 Oct 2019 15:06:21 GMT
server
nginx
etag
W/"5da09a6d-13eca"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=315360000
3c6e0a80523e24b4785b721026450880.js
nexus.ensighten.com/citi/grdev/code/
5 KB
1 KB
Script
General
Full URL
https://nexus.ensighten.com/citi/grdev/code/3c6e0a80523e24b4785b721026450880.js?conditionId0=4846617
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/grdev/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f540e1767050c7456562f845c85e9a8e78c3323591950bdaa17a95eee144fa37

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 15:36:34 GMT
content-encoding
gzip
last-modified
Tue, 16 Jul 2019 19:36:26 GMT
server
nginx
etag
W/"5d2e273a-13e9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=315360000
embed.js
resources.digital-cloud-citi.medallia.com/wdcusciti/68/onsite/
2 KB
1 KB
Script
General
Full URL
https://resources.digital-cloud-citi.medallia.com/wdcusciti/68/onsite/embed.js
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/grdev/code/37143405083e8f6747f0f325d744066b.js?conditionId0=421908
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
af4e6c3a8df812f2c36de0741ee51c74dbe3d42a40b27d4a1c783ddf1e93c01d

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
_r_VimBe.jbusaoGAKYTntxEddgt_u7F
content-encoding
gzip
etag
"e24a51f79d6f08609a5a54a694a7f228"
age
0
via
1.1 varnish
x-cache
MISS
status
200
content-length
675
x-amz-id-2
xNgpqz2KCb/2u6OqQW7JBV6tqRVxWnh9jb/mf+F5crz4dWvZ7cam2OolaaxM0MjDUzZLjcmA5/c=
x-served-by
cache-fra19149-FRA
last-modified
Tue, 25 Feb 2020 18:59:07 GMT
server
AmazonS3
x-timer
S1587396994.164380,VS0,VE641
date
Mon, 20 Apr 2020 15:36:34 GMT
vary
Accept-Encoding
x-amz-request-id
2F283F5D4F975A25
access-control-allow-origin
*
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
0
e.gif
nexus.ensighten.com/error/
0
106 B
Image
General
Full URL
https://nexus.ensighten.com/error/e.gif?msg=%24%20is%20not%20defined&lnn=-1&fn=&cid=1129&client=citi&publishPath=grdev&rid=2741171&did=582791&errorName=ReferenceError
Requested by
Host: uat.cbgrus.uatglobalrewards.com
URL: https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Mon, 20 Apr 2020 15:36:34 GMT
cache-control
no-cache, no-store
server
nginx
expires
Mon, 20 Apr 2020 15:36:33 GMT
s11493055962770
metrics1.citibank.com/b/ss/citicitigrdev/1/H.27.5/
Redirect Chain
  • https://metrics1.citibank.com/b/ss/citicitigrdev/1/H.27.5/s11493055962770?AQB=1&ndh=1&t=20%2F3%2F2020%2017%3A36%3A34%201%20-120&fid=6431471749E835B6-2EAE2F9D87A2AAF2&ce=UTF-8&ns=citinaconsumer&page...
  • https://metrics1.citibank.com/b/ss/citicitigrdev/1/H.27.5/s11493055962770?AQB=1&pccr=true&vidn=2F4EE0C10515EE43-4000081F71BC191C&ndh=1&t=20%2F3%2F2020%2017%3A36%3A34%201%20-120&fid=6431471749E835B6...
43 B
270 B
Image
General
Full URL
https://metrics1.citibank.com/b/ss/citicitigrdev/1/H.27.5/s11493055962770?AQB=1&pccr=true&vidn=2F4EE0C10515EE43-4000081F71BC191C&ndh=1&t=20%2F3%2F2020%2017%3A36%3A34%201%20-120&fid=6431471749E835B6-2EAE2F9D87A2AAF2&ce=UTF-8&ns=citinaconsumer&pageName=GR%3Alogin&g=https%3A%2F%2Fuat.cbgrus.uatglobalrewards.com%2Flogin.htm%3FautoLoginPossible%3Dfalse&cc=USD&server=uat.cbgrus.uatglobalrewards.com&events=event9&v15=11%3A30AM&v16=Monday&v31=New&v32=1&c64=New&c65=1&c66=11%3A30AM&c67=Monday&c74=https%3A%2F%2Fuat.cbgrus.uatglobalrewards.com%2Flogin.htm%3FautoLoginPossible%3Dfalse&c75=Citi%20GR%20s_code%20v12.0%20-%202016-DEC-22%20%7C%20SC%20Base%20Code%20H.27.5&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Requested by
Host: uat.cbgrus.uatglobalrewards.com
URL: https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.31.119 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-31-119.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 15:36:34 GMT
x-content-type-options
nosniff
x-c
master-1221.I0e927e.M0-376
p3p
CP="This is not a P3P policy"
status
200
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Tue, 21 Apr 2020 15:36:34 GMT
server
jag
xserver
anedge-65fb49f79-7jqhh
etag
3408909087584649216-4613452102297724160
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Sun, 19 Apr 2020 15:36:34 GMT

Redirect headers

date
Mon, 20 Apr 2020 15:36:34 GMT
x-content-type-options
nosniff
access-control-allow-origin
*
x-c
master-1221.I0e927e.M0-376
p3p
CP="This is not a P3P policy"
status
302
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Tue, 21 Apr 2020 15:36:34 GMT
server
jag
xserver
anedge-65fb49f79-v4vpk
content-type
text/plain;charset=utf-8
location
https://metrics1.citibank.com/b/ss/citicitigrdev/1/H.27.5/s11493055962770?AQB=1&pccr=true&vidn=2F4EE0C10515EE43-4000081F71BC191C&ndh=1&t=20%2F3%2F2020%2017%3A36%3A34%201%20-120&fid=6431471749E835B6-2EAE2F9D87A2AAF2&ce=UTF-8&ns=citinaconsumer&pageName=GR%3Alogin&g=https%3A%2F%2Fuat.cbgrus.uatglobalrewards.com%2Flogin.htm%3FautoLoginPossible%3Dfalse&cc=USD&server=uat.cbgrus.uatglobalrewards.com&events=event9&v15=11%3A30AM&v16=Monday&v31=New&v32=1&c64=New&c65=1&c66=11%3A30AM&c67=Monday&c74=https%3A%2F%2Fuat.cbgrus.uatglobalrewards.com%2Flogin.htm%3FautoLoginPossible%3Dfalse&c75=Citi%20GR%20s_code%20v12.0%20-%202016-DEC-22%20%7C%20SC%20Base%20Code%20H.27.5&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Sun, 19 Apr 2020 15:36:34 GMT
e.gif
nexus.ensighten.com/error/
0
106 B
Image
General
Full URL
https://nexus.ensighten.com/error/e.gif?msg=%24%20is%20not%20defined&lnn=-1&fn=&cid=1129&client=citi&publishPath=grdev&rid=2739729&did=582649&errorName=ReferenceError
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Mon, 20 Apr 2020 15:36:34 GMT
cache-control
no-cache, no-store
server
nginx
expires
Mon, 20 Apr 2020 15:36:33 GMT
generic1582657146288.js
resources.digital-cloud-citi.medallia.com/wdcusciti/68/onsite/
359 KB
60 KB
Script
General
Full URL
https://resources.digital-cloud-citi.medallia.com/wdcusciti/68/onsite/generic1582657146288.js
Requested by
Host: resources.digital-cloud-citi.medallia.com
URL: https://resources.digital-cloud-citi.medallia.com/wdcusciti/68/onsite/embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0b70dc49eab87a955525c8d602d13ade0ef9646ea095d152ad2e4e17e1cd6370

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
vkehEoLzIodAf2XNylO3xTvTWxzatS6j
content-encoding
gzip
etag
"8b02bd4d5ffa9b2895cf9f41494d15b0"
age
0
via
1.1 varnish
x-cache
MISS
status
200
content-length
61142
x-amz-id-2
VO6FDC/2wyMXch+uFMih7xIdota1h58A83skzplBxdPop5W4h5cpTYts2jz7BpW+UHI4wYQoPzM=
x-served-by
cache-fra19149-FRA
last-modified
Tue, 25 Feb 2020 18:59:07 GMT
server
AmazonS3
x-timer
S1587396995.835460,VS0,VE627
date
Mon, 20 Apr 2020 15:36:35 GMT
vary
Accept-Encoding
x-amz-request-id
C40664A89E903AE5
access-control-allow-origin
*
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
0
e.gif
nexus.ensighten.com/error/
0
106 B
Image
General
Full URL
https://nexus.ensighten.com/error/e.gif?msg=%22ReferenceError%3A%20%24%20is%20not%20defined%22%20error%20caught%20in%20Data%20Definition%20extractor%3A%20tygr_products%2C%20ID%3A47342.&lnn=-1&fn=&cid=1129&client=citi&publishPath=grdev&rid=2739729&did=582649&errorName=DataDefinitionException
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Mon, 20 Apr 2020 15:36:34 GMT
cache-control
no-cache, no-store
server
nginx
expires
Mon, 20 Apr 2020 15:36:33 GMT
cool-2.1.15.min.js
nebula-cdn.kampyle.com/resources/onsite/js/
14 KB
5 KB
Script
General
Full URL
https://nebula-cdn.kampyle.com/resources/onsite/js/cool-2.1.15.min.js
Requested by
Host: resources.digital-cloud-citi.medallia.com
URL: https://resources.digital-cloud-citi.medallia.com/wdcusciti/68/onsite/generic1582657146288.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.175 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 15:36:35 GMT
content-encoding
gzip
age
0
accept-ranges
bytes
x-cache
MISS, HIT
status
200
x-amz-request-id
9951A5F978E3F1C8
x-amz-id-2
XqVaKHOURU7MwBcpCCMUctvOEFoT/DWescBxrAjf4sZMYSxmxYYg9yZGPXef3JTIqggebmjHsaM=
x-served-by
cache-iad2139-IAD, cache-hhn4059-HHN
access-control-allow-origin
*
last-modified
Tue, 17 Mar 2020 11:10:17 GMT
server
AmazonS3
x-timer
S1587396996.584757,VS0,VE0
etag
"80dd5e3be5152c5c72d552c6a26ef6ff"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31536000
content-length
5197
x-cache-hits
0, 286942
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/
0
321 B
Image
General
Full URL
https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=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
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
35.241.45.82 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
82.45.241.35.bc.googleusercontent.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uat.cbgrus.uatglobalrewards.com/login.htm?autoLoginPossible=false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-me
prod-instance-gatewayservice-green-r95s
date
Mon, 20 Apr 2020 15:36:35 GMT
via
1.1 google
server
Jetty(9.2.11.v20150529)
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept
status
200
access-control-max-age
1800
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
image/gif; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-application-context
application:9090


98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| currentURL object| prodURLs object| script function| countrySelect object| JavascriptProperties object| CMGR object| Utils function| Sonar function| replaceAll string| currentEmail string| sourceCode string| country string| loginStatus string| memberId string| contextPath string| staticContentPath object| pointsExchangeSliderArgs object| transferFeeArgs undefined| snr undefined| snr1 function| callHomePageSonarZones function| callPointsTransferZones function| callIntroRewardsSonarZones function| callOffersPrivilegesSonarZones function| callWaysToEarnSonarZones function| callSecondarySonarZones function| callTertiarySonarZones function| callPointsTransfer function| callIntroRewards function| callOffersPrivileges function| callWaysToEarn function| callSonarZone function| isValid object| vendorSpace object| ensBootstraps object| Bootstrapper object| javaScriptErrors string| sName string| omtr_points string| tloc object| s_hosts number| counter string| s_account string| Currenthost string| host string| accountType object| s function| s_doPlugins string| s_code string| s_objectID function| s_gi function| s_giqf string| omtr_internalDomain string| omtr_charSet string| omtr_timezone string| omtr_currency string| s_an function| s_sp function| s_jn function| s_rep function| s_d function| s_fe function| s_fa function| s_ft object| s_c_il number| s_c_in number| s_giq object| whiteLabelSites number| d object| eo number| y string| j object| s_i_0_citinaconsumer object| KAMPYLE_EMBED object| MDIGITAL object| KAMPYLE_CONSTANT object| KAMPYLE_FUNC object| KAMPYLE_DATA object| KAMPYLE_TARGETING object| KAMPYLE_ANIMATION object| KAMPYLE_VIEW object| KAMPYLE_MESSAGE object| KAMPYLE_UTILS object| KAMPYLE_EVENT_DISPATCHER object| MDIGITAL_OnPrem object| KAMPYLE_COOLADATA object| KAMPYLE_COMMON object| KAMPYLE_THERMO_TEALEAF_FUNC object| KAMPYLE_ADOBE_ANALYTICS object| KAMPYLE_CLICKTALE_FUNC object| KAMPYLE_SESSIONCAM object| 
KAMPYLE_SCREEN_CAPTURE object| KAMPYLE_ONSITE_SDK undefined| KAMPYLE_POLYFILLS object| KAMPYLE_INTEGRATION object| cooladata

1 Cookies

Domain/Path Name / Value
.uatglobalrewards.com/ Name: s_sess
Value: %20s_sq%3D%3B%20s_ppv%3DGR%25253Alogin%252C100%252C100%252C1200%3B

1 Console Messages

Source: console-api
Level: log
URL: https://nexus.ensighten.com/citi/grdev/code/37143405083e8f6747f0f325d744066b.js?conditionId0=421908 (Line 3)
Message: searching for products...

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
