URL: https://www.citirewards.com/
Submission: On February 17 via automatic, source certstream-suspicious

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 27 HTTP transactions. The main IP is 163.171.128.146, located in Germany and belongs to QUANTILNETWORKS, US. The main domain is www.citirewards.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on February 7th 2020. Valid for: 2 years.
This is the only time www.citirewards.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 163.171.128.146 54994 (QUANTILNE...)
11 163.171.132.170 54994 (QUANTILNE...)
9 18.197.253.20 16509 (AMAZON-02)
2 151.101.114.133 54113 (FASTLY)
1 2 18.139.76.45 16509 (AMAZON-02)
1 151.101.113.175 54113 (FASTLY)
1 35.241.45.82 15169 (GOOGLE)
27 7
Domain Requested by
11 staticcontent.citirewards.com www.citirewards.com
9 nexus.ensighten.com www.citirewards.com
nexus.ensighten.com
2 metrics1.citibank.com 1 redirects www.citirewards.com
2 resources.digital-cloud-citi.medallia.com nexus.ensighten.com
resources.digital-cloud-citi.medallia.com
2 www.citirewards.com www.citirewards.com
1 udc-neb.kampyle.com
1 nebula-cdn.kampyle.com resources.digital-cloud-citi.medallia.com
27 7

This site contains no links.

Subject  Issuer  Validity  Valid
www.citirewards.com  DigiCert SHA2 Extended Validation Server CA  2020-02-07 - 2022-03-11  2 years
staticcontent.citirewards.com  DigiCert SHA2 Extended Validation Server CA  2018-02-06 - 2020-03-09  2 years
nexus.ensighten.com  DigiCert SHA2 Secure Server CA  2019-10-03 - 2020-10-02  a year
*.digital-cloud-citi.medallia.com  SSL.com DV CA  2018-11-13 - 2020-11-12  2 years
metrics1.citibank.com  DigiCert SHA2 High Assurance Server CA  2020-01-20 - 2021-04-22  a year
j.ssl.fastly.net  GlobalSign Organization Validation CA - SHA256 - G2  2020-02-06 - 2020-06-11  4 months
*.kampyle.com  RapidSSL RSA CA 2018  2019-02-17 - 2020-03-01  a year

This page contains 1 frames:

Primary Page: https://www.citirewards.com/
Frame ID: CEC6B79594F605407DA58D01F4C4B317
Requests: 27 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/\/nexus\.ensighten\.com\//i

Page Statistics

27 Requests
100 % HTTPS
0 % IPv6
5 Domains
7 Subdomains
7 IPs
3 Countries
613 kB Transfer
2279 kB Size
3 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://metrics1.citibank.com/b/ss/citicitigrprod/1/H.27.5/s61755508264936?AQB=1&ndh=1&t=17%2F1%2F2020%2014%3A31%3A11%201%20-60&fid=75CB50835CB5BD8D-001A8A9065745574&ce=UTF-8&ns=citinaconsumer&pageName=country_selector&g=https%3A%2F%2Fwww.citirewards.com%2F&cc=USD&ch=epsilon&server=citirewards.com&events=event9&c1=epsilon&v1=country_selector&c2=country_selector&c9=country_selector&v13=epsilon&v14=country_selector&v15=8%3A30AM&v16=Monday&v31=New&v32=1&c64=New&c65=1&c66=8%3A30AM&c67=Monday&c74=https%3A%2F%2Fwww.citirewards.com%2F&c75=Citi%20GR%20s_code%20v12.0%20-%202016-DEC-22%20%7C%20SC%20Base%20Code%20H.27.5&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
  • https://metrics1.citibank.com/b/ss/citicitigrprod/1/H.27.5/s61755508264936?AQB=1&pccr=true&vidn=2F254AD00515CA88-400007C103081061&ndh=1&t=17%2F1%2F2020%2014%3A31%3A11%201%20-60&fid=75CB50835CB5BD8D-001A8A9065745574&ce=UTF-8&ns=citinaconsumer&pageName=country_selector&g=https%3A%2F%2Fwww.citirewards.com%2F&cc=USD&ch=epsilon&server=citirewards.com&events=event9&c1=epsilon&v1=country_selector&c2=country_selector&c9=country_selector&v13=epsilon&v14=country_selector&v15=8%3A30AM&v16=Monday&v31=New&v32=1&c64=New&c65=1&c66=8%3A30AM&c67=Monday&c74=https%3A%2F%2Fwww.citirewards.com%2F&c75=Citi%20GR%20s_code%20v12.0%20-%202016-DEC-22%20%7C%20SC%20Base%20Code%20H.27.5&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
www.citirewards.com/
50 KB
50 KB
Document
General
Full URL
https://www.citirewards.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.146 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
hdt.qtlcname.com
Software
/
Resource Hash
df799b82a1af947a33df61ba7f8f481f290f65fc0309e5e09b2a8faa503c7545
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
www.citirewards.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Date
Mon, 17 Feb 2020 13:31:09 GMT
Pragma
no-cache
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-FRAME-OPTIONS
SAMEORIGIN
Set-Cookie
CSESSIONID=6ea66de7bc8a401ab318f229b5f734834be1b1c77adba1cb5b64!-2034727852; path=/; secure; HttpOnly
Content-Language
co-SPA
Ensighten_Bootstrap_GR.js
www.citirewards.com//cms/js/citirewards/
1 KB
638 B
Script
General
Full URL
https://www.citirewards.com//cms/js/citirewards/Ensighten_Bootstrap_GR.js
Requested by
Host: www.citirewards.com
URL: https://www.citirewards.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.146 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
hdt.qtlcname.com
Software
/
Resource Hash
1fd9ac8015f0b3f9d0cdcef4337ccb7a7b3e5735516ca0b5354627dbdebbad31

Request headers

Referer
https://www.citirewards.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 17 Feb 2020 13:31:09 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Oct 2018 19:16:45 GMT
Accept-Ranges
bytes
Transfer-Encoding
chunked
Content-Type
text/javascript
main.css
staticcontent.citirewards.com//css/
418 KB
86 KB
Stylesheet
General
Full URL
https://staticcontent.citirewards.com//css/main.css
Requested by
Host: www.citirewards.com
URL: https://www.citirewards.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.132.170 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
65196736be2a58fbd32d09de221e449e0d4395558c3597f8c9f72cbba15aa353

Request headers

Referer
https://www.citirewards.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Mon, 17 Feb 2020 13:31:10 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Jan 2020 08:28:10 GMT
Server
PWS/8.3.1.0.8
Age
69341
X-Ws-Request-Id
5e4a959e_PSdgflkfFRA2ra1_12383-63988
Content-Type
text/css
Via
1.1 VMmgdlsDAL1op131:2 (W), 1.1 VMdgflkfFRA1vl49:3 (W), 1.1 PSdgflkfFRA2ra100:2 (W)
Cache-Control
max-age=86400
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
main_v2.css
staticcontent.citirewards.com//css/
37 KB
6 KB
Stylesheet
General
Full URL
https://staticcontent.citirewards.com//css/main_v2.css
Requested by
Host: www.citirewards.com
URL: https://www.citirewards.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.132.170 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
966f52d6ec3b2b1a88bbc8e3f7c84c58860c9db1e360b56e370eb522268ebbe6

Request headers

Referer
https://www.citirewards.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Mon, 17 Feb 2020 13:31:10 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Jan 2020 08:28:10 GMT
Server
PWS/8.3.1.0.8
Age
69491
X-Ws-Request-Id
5e4a959e_PSdgflkfFRA2ra1_12364-61341
Content-Type
text/css
Via
1.1 VMmgdlsDAL1op131:2 (W), 1.1 VMdgflkfFRA1vl49:0 (W), 1.1 PSdgflkfFRA2po99:7 (W)
Cache-Control
max-age=86400
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
citi-logo-simple.png
staticcontent.citirewards.com//images/global/
4 KB
5 KB
Image
General
Full URL
https://staticcontent.citirewards.com//images/global/citi-logo-simple.png
Requested by
Host: www.citirewards.com
URL: https://www.citirewards.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.132.170 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
8c65590d3282958dd508970eef5ff93cbab5467fce38c7f3c825d54b729d4c51

Request headers

Referer
https://www.citirewards.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Mon, 17 Feb 2020 13:31:10 GMT
Via
1.1 VMmgdlsDAL1op131:2 (W), 1.1 VMdgflkfFRA1vl49:4 (W), 1.1 PSdgflkfFRA2ra100:4 (W)
Last-Modified
Tue, 14 Jan 2020 08:28:14 GMT
Server
PWS/8.3.1.0.8
Age
59597
X-Ws-Request-Id
5e4a959e_PSdgflkfFRA2ra1_12377-63417
Content-Type
image/png
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4515
hero.jpg
staticcontent.citirewards.com//images/country-selector/
78 KB
79 KB
Image
General
Full URL
https://staticcontent.citirewards.com//images/country-selector/hero.jpg
Requested by
Host: www.citirewards.com
URL: https://www.citirewards.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.132.170 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
a581be6dc09b0a3f337f1243178b3f23442a732b946bf46d4e73b4f2282e1c30

Request headers

Referer
https://www.citirewards.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Mon, 17 Feb 2020 13:31:10 GMT
Via
1.1 VMmgdlsDAL1op131:2 (W), 1.1 VMdgflkfFRA1vl49:0 (W), 1.1 PSdgflkfFRA2ra100:7 (W)
Last-Modified
Tue, 14 Jan 2020 08:28:12 GMT
Server
PWS/8.3.1.0.8
Age
59597
X-Ws-Request-Id
5e4a959e_PSdgflkfFRA2ra1_12302-63884
Content-Type
image/jpeg
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
80010
citi-logo-small.jpg
staticcontent.citirewards.com//images/global/
2 KB
2 KB
Image
General
Full URL
https://staticcontent.citirewards.com//images/global/citi-logo-small.jpg
Requested by
Host: www.citirewards.com
URL: https://www.citirewards.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.132.170 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
fa81dd9432fd4c0a723b860e8b98d5b2f32ad857cec5ffc033fb66a05e1c4191

Request headers

Referer
https://www.citirewards.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Mon, 17 Feb 2020 13:31:11 GMT
Via
1.1 VMmgdlsDAL1op131:2 (W), 1.1 VMdgflkfFRA1vl49:1 (W), 1.1 PSdgflkfFRA2ra100:6 (W)
Last-Modified
Tue, 14 Jan 2020 08:28:14 GMT
Server
PWS/8.3.1.0.8
Age
59598
X-Ws-Request-Id
5e4a959f_PSdgflkfFRA2ra1_12377-63423
Content-Type
image/jpeg
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2046
main-epsilon.js
staticcontent.citirewards.com//js/
1 MB
215 KB
Script
General
Full URL
https://staticcontent.citirewards.com//js/main-epsilon.js
Requested by
Host: www.citirewards.com
URL: https://www.citirewards.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.132.170 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
7d7b29c8d8264c38e82688db13872f0aadaf063a5d3425eadaf6cba2f9d67343

Request headers

Referer
https://www.citirewards.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 17 Feb 2020 13:31:10 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Jan 2020 08:28:20 GMT
Server
PWS/8.3.1.0.8
Age
69341
X-Ws-Request-Id
5e4a959e_PSdgflkfFRA2ra1_12364-61342
Content-Type
text/javascript
Via
1.1 VMdgflkfFRA1vl49:1 (W), 1.1 PSdgflkfFRA2ra100:4 (W)
Cache-Control
max-age=86400
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
siteFunctions.js
staticcontent.citirewards.com//cms/js/citirewards/
65 B
506 B
Script
General
Full URL
https://staticcontent.citirewards.com//cms/js/citirewards/siteFunctions.js
Requested by
Host: www.citirewards.com
URL: https://www.citirewards.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.132.170 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
5f901299b45acc00bbb460124165f980bb643fcdf2aca9c1e25f20492675e5f2

Request headers

Referer
https://www.citirewards.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 17 Feb 2020 13:31:10 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Nov 2019 14:33:36 GMT
Server
PWS/8.3.1.0.8
Age
69493
X-Ws-Request-Id
5e4a959e_PSdgflkfFRA2ra1_12302-63886
Content-Type
text/javascript
Via
1.1 VMdgflkfFRA1is58:6 (W), 1.1 PSdgflkfFRA2po99:0 (W)
Cache-Control
max-age=86400
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
sonar.js
staticcontent.citirewards.com//js/
4 KB
2 KB
Script
General
Full URL
https://staticcontent.citirewards.com//js/sonar.js
Requested by
Host: www.citirewards.com
URL: https://www.citirewards.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.132.170 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
39806d3594b69c82ba33bc1100e512eb803bc9c96b1ebd1fee6ae938ab34dfa0

Request headers

Referer
https://www.citirewards.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 17 Feb 2020 13:31:11 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Jan 2020 08:28:20 GMT
Server
PWS/8.3.1.0.8
Age
69342
X-Ws-Request-Id
5e4a959f_PSdgflkfFRA2ra1_12383-63994
Content-Type
text/javascript
Via
1.1 VMmgxytSEA1yn45:6 (W), 1.1 VMdgflkfFRA1jg67:4 (W), 1.1 PSdgflkfFRA2ra100:1 (W)
Cache-Control
max-age=86400
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Bootstrap.js
nexus.ensighten.com/citi/grprod/
52 KB
16 KB
Script
General
Full URL
https://nexus.ensighten.com/citi/grprod/Bootstrap.js
Requested by
Host: www.citirewards.com
URL: https://www.citirewards.com//cms/js/citirewards/Ensighten_Bootstrap_GR.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0d15613a7e92340896e61808862f5abe8782d8f965b312e2a1fa5f3c70f327f2

Request headers

Referer
https://www.citirewards.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 13:31:11 GMT
content-encoding
gzip
last-modified
Fri, 11 Oct 2019 14:51:51 GMT
server
nginx
etag
W/"5da09707-d181"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=300
print.css
staticcontent.citirewards.com//css/
2 KB
1 KB
Stylesheet
General
Full URL
https://staticcontent.citirewards.com//css/print.css
Requested by
Host: www.citirewards.com
URL: https://www.citirewards.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.132.170 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
8494b6fb9ff3020b76208a45986be7fda6c2eb30cb00818925d8d4386974311c

Request headers

Referer
https://www.citirewards.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Mon, 17 Feb 2020 13:31:11 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Jan 2020 08:28:10 GMT
Server
PWS/8.3.1.0.8
Age
69342
X-Ws-Request-Id
5e4a959f_PSdgflkfFRA2ra1_12383-63997
Content-Type
text/css
Via
1.1 VMdgflkfFRA1is58:3 (W), 1.1 PSdgflkfFRA2ra100:6 (W)
Cache-Control
max-age=86400
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
nav_arrow_right_blue.gif
staticcontent.citirewards.com//css/images/
49 B
451 B
Image
General
Full URL
https://staticcontent.citirewards.com//css/images/nav_arrow_right_blue.gif
Requested by
Host: www.citirewards.com
URL: https://www.citirewards.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.132.170 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
77f9361be6de28ebbb3877ccb5cf43aab09f3060df3d2c1cca1fc01982370d0c

Request headers

Referer
https://staticcontent.citirewards.com//css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Mon, 17 Feb 2020 13:31:11 GMT
Via
1.1 VMmgdlsDAL1op131:2 (W), 1.1 VMdgflkfFRA1vl49:3 (W), 1.1 PSdgflkfFRA2po99:1 (W)
Last-Modified
Tue, 14 Jan 2020 08:28:10 GMT
Server
PWS/8.3.1.0.8
Age
68592
X-Ws-Request-Id
5e4a959f_PSdgflkfFRA2ra1_12302-63889
Content-Type
image/gif
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
49
InterstateLight.woff
staticcontent.citirewards.com//css/fonts/
54 KB
54 KB
Font
General
Full URL
https://staticcontent.citirewards.com//css/fonts/InterstateLight.woff
Requested by
Host: www.citirewards.com
URL: https://www.citirewards.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.132.170 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
999fac345480d395a3a7c56894375d1faaab3cb81154c3e449251de9e09c7051

Request headers

Referer
https://staticcontent.citirewards.com//css/main.css
Origin
https://www.citirewards.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 17 Feb 2020 13:31:11 GMT
Via
1.1 VMmgdlsDAL1op131:2 (W), 1.1 VMdgflkfFRA1is58:0 (W), 1.1 PSdgflkfFRA2po99:3 (W)
Last-Modified
Tue, 14 Jan 2020 08:28:10 GMT
Server
PWS/8.3.1.0.8
Age
62297
X-Ws-Request-Id
5e4a959f_PSdgflkfFRA2ra1_12377-63426
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
54992
serverComponent.php
nexus.ensighten.com/citi/grprod/
485 B
627 B
Script
General
Full URL
https://nexus.ensighten.com/citi/grprod/serverComponent.php?r=4.7878308519046175&ClientID=1129&PageID=https%3A%2F%2Fwww.citirewards.com%2F
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/grprod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f506afa480dcfc91140d41d44c8c7b661a1aa42674a2ce968eb00001d115497d

Request headers

Referer
https://www.citirewards.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

status
200
date
Mon, 17 Feb 2020 13:31:11 GMT
cache-control
no-cache, no-store
expires
Mon, 17 Feb 2020 13:31:10 GMT
server
nginx
content-length
485
content-type
text/javascript
80a680c437ee508ec622e5c4fabc01f4.js
nexus.ensighten.com/citi/grprod/code/
80 KB
25 KB
Script
General
Full URL
https://nexus.ensighten.com/citi/grprod/code/80a680c437ee508ec622e5c4fabc01f4.js?conditionId0=421908
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/grprod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
82b9419655a11670f8c63764eda012cc9bc61460a997a4ade7872e6c2aabd725

Request headers

Referer
https://www.citirewards.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 13:31:11 GMT
content-encoding
gzip
last-modified
Fri, 11 Oct 2019 14:51:51 GMT
server
nginx
etag
W/"5da09707-13ecb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=315360000
c4f0d4a5b073db62e0cab296955bdb49.js
nexus.ensighten.com/citi/grprod/code/
5 KB
1 KB
Script
General
Full URL
https://nexus.ensighten.com/citi/grprod/code/c4f0d4a5b073db62e0cab296955bdb49.js?conditionId0=4846617
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/grprod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b7467c08b2150839b7307d1fd5d7650a8d84284bd29642878631b81d1fbcd78f

Request headers

Referer
https://www.citirewards.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 13:31:11 GMT
content-encoding
gzip
last-modified
Thu, 25 Jul 2019 18:09:07 GMT
server
nginx
etag
W/"5d39f043-13e9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=315360000
edb8002b5288c8f95ea7affb73d7ad37.js
nexus.ensighten.com/citi/grprod/code/
1 KB
817 B
Script
General
Full URL
https://nexus.ensighten.com/citi/grprod/code/edb8002b5288c8f95ea7affb73d7ad37.js?conditionId0=2025966
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/grprod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6b515efa2a72fa8495b307556a471c2bd56fcb6b3f61fd01b71c5ff5997747c8

Request headers

Referer
https://www.citirewards.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 13:31:11 GMT
content-encoding
gzip
last-modified
Thu, 25 Jul 2019 18:09:07 GMT
server
nginx
etag
W/"5d39f043-5c4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=315360000
embed.js
resources.digital-cloud-citi.medallia.com/wdcusciti/68/onsite/
2 KB
1 KB
Script
General
Full URL
https://resources.digital-cloud-citi.medallia.com/wdcusciti/68/onsite/embed.js
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citi/grprod/code/80a680c437ee508ec622e5c4fabc01f4.js?conditionId0=421908
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6518faa452175419b7c0203d1d3e6a144c19e6f36a19770abcdd44d253a8de43

Request headers

Referer
https://www.citirewards.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
xLaUJ74DSXx9om2CpM.QE.I1LEQ94a.o
content-encoding
gzip
age
0
x-cache
HIT
status
200
date
Mon, 17 Feb 2020 13:31:11 GMT
content-length
675
x-amz-id-2
gbFYY//2HEEgUebkf8htTrSnRgjz3OLChdaouqYQAgeJMl7/h5iNQF6TWJ7KeH1ckVmCHlTdMe8=
x-served-by
cache-hhn4081-HHN
access-control-allow-origin
*
last-modified
Mon, 03 Feb 2020 15:56:10 GMT
server
AmazonS3
x-timer
S1581946271.299797,VS0,VE623
etag
"ce1acc37ae563a1ac8ea297bafa580d8"
vary
Accept-Encoding
x-amz-request-id
4142F2FACCACE478
via
1.1 varnish
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1
e.gif
nexus.ensighten.com/error/
0
106 B
Image
General
Full URL
https://nexus.ensighten.com/error/e.gif?msg=%24%20is%20not%20defined&lnn=-1&fn=&cid=1129&client=citi&publishPath=grprod&rid=2779582&did=582791&errorName=ReferenceError
Requested by
Host: www.citirewards.com
URL: https://www.citirewards.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.citirewards.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

status
204
date
Mon, 17 Feb 2020 13:31:11 GMT
cache-control
no-cache, no-store
server
nginx
expires
Mon, 17 Feb 2020 13:31:10 GMT
e.gif
nexus.ensighten.com/error/
0
106 B
Image
General
Full URL
https://nexus.ensighten.com/error/e.gif?msg=%24%20is%20not%20defined&lnn=-1&fn=&cid=1129&client=citi&publishPath=grprod&rid=2779608&did=536582&errorName=ReferenceError
Requested by
Host: www.citirewards.com
URL: https://www.citirewards.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.citirewards.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

status
204
date
Mon, 17 Feb 2020 13:31:11 GMT
cache-control
no-cache, no-store
server
nginx
expires
Mon, 17 Feb 2020 13:31:10 GMT
s61755508264936
metrics1.citibank.com/b/ss/citicitigrprod/1/H.27.5/
Redirect Chain
  • https://metrics1.citibank.com/b/ss/citicitigrprod/1/H.27.5/s61755508264936?AQB=1&ndh=1&t=17%2F1%2F2020%2014%3A31%3A11%201%20-60&fid=75CB50835CB5BD8D-001A8A9065745574&ce=UTF-8&ns=citinaconsumer&page...
  • https://metrics1.citibank.com/b/ss/citicitigrprod/1/H.27.5/s61755508264936?AQB=1&pccr=true&vidn=2F254AD00515CA88-400007C103081061&ndh=1&t=17%2F1%2F2020%2014%3A31%3A11%201%20-60&fid=75CB50835CB5BD8D...
43 B
269 B
Image
General
Full URL
https://metrics1.citibank.com/b/ss/citicitigrprod/1/H.27.5/s61755508264936?AQB=1&pccr=true&vidn=2F254AD00515CA88-400007C103081061&ndh=1&t=17%2F1%2F2020%2014%3A31%3A11%201%20-60&fid=75CB50835CB5BD8D-001A8A9065745574&ce=UTF-8&ns=citinaconsumer&pageName=country_selector&g=https%3A%2F%2Fwww.citirewards.com%2F&cc=USD&ch=epsilon&server=citirewards.com&events=event9&c1=epsilon&v1=country_selector&c2=country_selector&c9=country_selector&v13=epsilon&v14=country_selector&v15=8%3A30AM&v16=Monday&v31=New&v32=1&c64=New&c65=1&c66=8%3A30AM&c67=Monday&c74=https%3A%2F%2Fwww.citirewards.com%2F&c75=Citi%20GR%20s_code%20v12.0%20-%202016-DEC-22%20%7C%20SC%20Base%20Code%20H.27.5&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Requested by
Host: www.citirewards.com
URL: https://www.citirewards.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.139.76.45 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-76-45.ap-southeast-1.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.citirewards.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 13:31:12 GMT
x-content-type-options
nosniff
x-c
master-1158.Ib7fada.M0-347
p3p
CP="This is not a P3P policy"
status
200
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Tue, 18 Feb 2020 13:31:12 GMT
server
jag
xserver
anedge-5869d59d6c-pwwg4
etag
3397203751219855360-4617956701868912334
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Sun, 16 Feb 2020 13:31:12 GMT

Redirect headers

date
Mon, 17 Feb 2020 13:31:12 GMT
x-content-type-options
nosniff
x-c
master-1158.Ib7fada.M0-347
p3p
CP="This is not a P3P policy"
status
302
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Tue, 18 Feb 2020 13:31:12 GMT
server
jag
xserver
anedge-5869d59d6c-8ktsr
location
https://metrics1.citibank.com/b/ss/citicitigrprod/1/H.27.5/s61755508264936?AQB=1&pccr=true&vidn=2F254AD00515CA88-400007C103081061&ndh=1&t=17%2F1%2F2020%2014%3A31%3A11%201%20-60&fid=75CB50835CB5BD8D-001A8A9065745574&ce=UTF-8&ns=citinaconsumer&pageName=country_selector&g=https%3A%2F%2Fwww.citirewards.com%2F&cc=USD&ch=epsilon&server=citirewards.com&events=event9&c1=epsilon&v1=country_selector&c2=country_selector&c9=country_selector&v13=epsilon&v14=country_selector&v15=8%3A30AM&v16=Monday&v31=New&v32=1&c64=New&c65=1&c66=8%3A30AM&c67=Monday&c74=https%3A%2F%2Fwww.citirewards.com%2F&c75=Citi%20GR%20s_code%20v12.0%20-%202016-DEC-22%20%7C%20SC%20Base%20Code%20H.27.5&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
content-type
text/plain;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Sun, 16 Feb 2020 13:31:12 GMT
e.gif
nexus.ensighten.com/error/
0
106 B
Image
General
Full URL
https://nexus.ensighten.com/error/e.gif?msg=%24%20is%20not%20defined&lnn=-1&fn=&cid=1129&client=citi&publishPath=grprod&rid=2779588&did=582649&errorName=ReferenceError
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.citirewards.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

status
204
date
Mon, 17 Feb 2020 13:31:12 GMT
cache-control
no-cache, no-store
server
nginx
expires
Mon, 17 Feb 2020 13:31:11 GMT
generic1580745368671.js
resources.digital-cloud-citi.medallia.com/wdcusciti/68/onsite/
359 KB
60 KB
Script
General
Full URL
https://resources.digital-cloud-citi.medallia.com/wdcusciti/68/onsite/generic1580745368671.js
Requested by
Host: resources.digital-cloud-citi.medallia.com
URL: https://resources.digital-cloud-citi.medallia.com/wdcusciti/68/onsite/embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0b70dc49eab87a955525c8d602d13ade0ef9646ea095d152ad2e4e17e1cd6370

Request headers

Referer
https://www.citirewards.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
OA4r5xJ0iKjZMOWTFlzIfBt5wk2T65yo
content-encoding
gzip
age
0
x-cache
HIT
status
200
date
Mon, 17 Feb 2020 13:31:13 GMT
content-length
61142
x-amz-id-2
CWsIeynGjy7iYVaM6/lMvIPVAqM8PmICr+E5r3lD420McijmeS525xY1+/TjOncdK6jPlOs47+g=
x-served-by
cache-hhn4081-HHN
access-control-allow-origin
*
last-modified
Mon, 03 Feb 2020 15:56:09 GMT
server
AmazonS3
x-timer
S1581946273.560229,VS0,VE627
etag
"8b02bd4d5ffa9b2895cf9f41494d15b0"
vary
Accept-Encoding
x-amz-request-id
DEA4B7E443E438FD
via
1.1 varnish
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1
e.gif
nexus.ensighten.com/error/
0
106 B
Image
General
Full URL
https://nexus.ensighten.com/error/e.gif?msg=%22ReferenceError%3A%20%24%20is%20not%20defined%22%20error%20caught%20in%20Data%20Definition%20extractor%3A%20tygr_products%2C%20ID%3A47342.&lnn=-1&fn=&cid=1129&client=citi&publishPath=grprod&rid=-1&did=-1&errorName=DataDefinitionException
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.citirewards.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

status
204
date
Mon, 17 Feb 2020 13:31:12 GMT
cache-control
no-cache, no-store
server
nginx
expires
Mon, 17 Feb 2020 13:31:11 GMT
cool-2.1.15.min.js
nebula-cdn.kampyle.com/resources/onsite/js/
14 KB
5 KB
Script
General
Full URL
https://nebula-cdn.kampyle.com/resources/onsite/js/cool-2.1.15.min.js
Requested by
Host: resources.digital-cloud-citi.medallia.com
URL: https://resources.digital-cloud-citi.medallia.com/wdcusciti/68/onsite/generic1580745368671.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.175 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1

Request headers

Referer
https://www.citirewards.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 13:31:13 GMT
content-encoding
gzip
age
0
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
status
200
content-length
5197
x-amz-request-id
3A7285A58FF0C32F
x-amz-id-2
WDQ5K9sZKfU9oe0emRVI9UoQ5NZYi7lLzyoCOAkcNfcsbr3Tt5uZZe+VZ77gtsaMTtzkUNPXc7c=
x-served-by
cache-iad2135-IAD, cache-hhn4081-HHN
last-modified
Sun, 05 Jan 2020 11:06:02 GMT
server
AmazonS3
x-timer
S1581946273.325933,VS0,VE0
etag
"80dd5e3be5152c5c72d552c6a26ef6ff"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
2, 475618
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/
0
321 B
Image
General
Full URL
https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.241.45.82 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
82.45.241.35.bc.googleusercontent.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.citirewards.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-me
prod-instance-gatewayservice-green-t8b9
date
Mon, 17 Feb 2020 13:31:13 GMT
via
1.1 google
alt-svc
clear
server
Jetty(9.2.11.v20150529)
access-control-allow-origin
*
access-control-max-age
1800
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
image/gif; charset=UTF-8
status
200
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept
content-length
0
x-application-context
application:9090

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| currentURL object| prodURLs object| script function| countrySelect object| JavascriptProperties object| CMGR object| Utils function| Sonar function| replaceAll string| currentEmail string| sourceCode string| country string| loginStatus string| memberId string| contextPath string| staticContentPath object| pointsExchangeSliderArgs object| transferFeeArgs undefined| snr undefined| snr1 function| callHomePageSonarZones function| callPointsTransferZones function| callIntroRewardsSonarZones function| callOffersPrivilegesSonarZones function| callWaysToEarnSonarZones function| callSecondarySonarZones function| callTertiarySonarZones function| callPointsTransfer function| callIntroRewards function| callOffersPrivileges function| callWaysToEarn function| callSonarZone function| isValid object| vendorSpace object| ensBootstraps object| Bootstrapper object| javaScriptErrors string| sName string| omtr_points string| tloc object| s_hosts number| counter string| s_account string| Currenthost string| host string| accountType object| s function| s_doPlugins string| s_code string| s_objectID function| s_gi function| s_giqf string| omtr_internalDomain string| omtr_charSet string| omtr_timezone string| omtr_currency string| s_an function| s_sp function| s_jn function| s_rep function| s_d function| s_fe function| s_fa function| s_ft object| s_c_il number| s_c_in number| s_giq object| whiteLabelSites number| d object| eo number| y string| j object| s_i_0_citinaconsumer object| KAMPYLE_EMBED object| MDIGITAL object| KAMPYLE_CONSTANT object| KAMPYLE_FUNC object| KAMPYLE_DATA object| KAMPYLE_TARGETING object| KAMPYLE_ANIMATION object| KAMPYLE_VIEW object| KAMPYLE_MESSAGE object| KAMPYLE_UTILS object| KAMPYLE_EVENT_DISPATCHER object| MDIGITAL_OnPrem object| KAMPYLE_COOLADATA object| KAMPYLE_COMMON object| KAMPYLE_THERMO_TEALEAF_FUNC object| KAMPYLE_ADOBE_ANALYTICS object| KAMPYLE_CLICKTALE_FUNC object| KAMPYLE_SESSIONCAM object| KAMPYLE_SCREEN_CAPTURE object| KAMPYLE_ONSITE_SDK undefined| KAMPYLE_POLYFILLS object| KAMPYLE_INTEGRATION object| cooladata

3 Cookies

Domain/Path Name / Value
.citirewards.com/ Name: s_sess
Value: %20s_cc%3Dtrue%3B%20s_sq%3D%3B%20s_ppv%3Dcountry_selector%252C100%252C100%252C1200%3B
.citirewards.com/ Name: s_pers
Value: %20s_fid%3D75CB50835CB5BD8D-001A8A9065745574%7C1645104671484%3B%20s_nr%3D1581946271550-New%7C1739626271550%3B%20s_vnum%3D1583017200551%2526vn%253D1%7C1583017200551%3B%20s_invisit%3Dtrue%7C1581948071551%3B%20gpv_pn%3Dcountry_selector%7C1581948071552%3B
www.citirewards.com/ Name: CSESSIONID
Value: 6ea66de7bc8a401ab318f229b5f734834be1b1c77adba1cb5b64!-2034727852

1 Console Messages

Source Level URL
Text
console-api log URL: https://nexus.ensighten.com/citi/grprod/code/80a680c437ee508ec622e5c4fabc01f4.js?conditionId0=421908 (Line 133)
Message:
searching for products...

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
