urlscan.io logo urlscan.io
SecurityTrails logo

rewards.usbank.com Open in urlscan Pro
159.127.184.113  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://rewards.usbank.com.mcas.ms/
Effective URL: https://rewards.usbank.com/
Submission: On November 20 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 4 countries across 6 domains to perform 14 HTTP transactions. The main IP is 159.127.184.113, located in United States and belongs to EPSILON-INTERACTIVE, US. The main domain is rewards.usbank.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on July 22nd 2020. Valid for: 2 years.
This is the only time rewards.usbank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 40.81.121.135 8075 (MICROSOFT...)
1 9 159.127.184.113 19137 (EPSILON-I...)
1 52.143.247.24 8075 (MICROSOFT...)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 3 15.237.76.117 16509 (AMAZON-02)
14 5
1    40.81.121.135 (Cardiff, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
rewards.usbank.com.mcas.ms
9    159.127.184.113 (United States)

ASN19137 (EPSILON-INTERACTIVE, US)
rewards.usbank.com
1    52.143.247.24 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
us1-htp.tokenex.com
2    2a02:26f0:6c00:299::1e80 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
assets.adobedtm.com
1    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    15.237.76.117 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-76-117.eu-west-3.compute.amazonaws.com
usbank1.d2.sc.omtrdc.net
Domain Requested by
9 rewards.usbank.com 1 redirects rewards.usbank.com
3 usbank1.d2.sc.omtrdc.net 1 redirects rewards.usbank.com
2 assets.adobedtm.com rewards.usbank.com
1 cdnjs.cloudflare.com rewards.usbank.com
1 us1-htp.tokenex.com rewards.usbank.com
1 rewards.usbank.com.mcas.ms 1 redirects
14 6

This site contains no links.

Subject Issuer Validity Valid
rewards.usbank.com
Entrust Certification Authority - L1K		 2020-07-22 -
2022-07-22		 2 years crt.sh
api.tokenex.com
Go Daddy Secure Certificate Authority - G2		 2019-01-22 -
2021-01-31		 2 years crt.sh
assets.adobedtm.com
DigiCert SHA2 High Assurance Server CA		 2019-10-22 -
2021-10-01		 2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-10-21 -
2021-10-20		 a year crt.sh
*.d2.sc.omtrdc.net
DigiCert SHA2 High Assurance Server CA		 2020-02-28 -
2022-03-04		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://rewards.usbank.com/
Frame ID: 77F639FBC8855879C79B0C5C5942FB02
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://rewards.usbank.com.mcas.ms/ HTTP 307
    http://rewards.usbank.com/ HTTP 302
    https://rewards.usbank.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<div class="[^"]*aem-Grid/i
  • script /\/etc.clientlibs\//i
Overall confidence: 100%
Detected patterns
  • html /<div class="[^"]*aem-Grid/i
  • script /\/etc.clientlibs\//i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /\/\/assets.adobedtm.com\//i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

14
Requests

100 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

5
IPs

4
Countries

960 kB
Transfer

1006 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rewards.usbank.com.mcas.ms/ HTTP 307
    http://rewards.usbank.com/ HTTP 302
    https://rewards.usbank.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://usbank1.d2.sc.omtrdc.net/b/ss/usbepsilonprod/1/JS-2.15.0-L9UP/s58354455519751?AQB=1&ndh=1&pf=1&t=20%2F10%2F2020%2022%3A56%3A6%205%20-60&fid=2CBB4ED28C28876B-39BF292B8ABCFBEC&ce=UTF-8&pageName=Access%20Denied&g=https%3A%2F%2Frewards.usbank.com%2F&cc=USD&events=event1&v10=Access%20Denied&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
  • https://usbank1.d2.sc.omtrdc.net/b/ss/usbepsilonprod/1/JS-2.15.0-L9UP/s58354455519751?AQB=1&pccr=true&ndh=1&pf=1&t=20%2F10%2F2020%2022%3A56%3A6%205%20-60&fid=2CBB4ED28C28876B-39BF292B8ABCFBEC&ce=UTF-8&pageName=Access%20Denied&g=https%3A%2F%2Frewards.usbank.com%2F&cc=USD&events=event1&v10=Access%20Denied&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
rewards.usbank.com/
Redirect Chain
  • http://rewards.usbank.com.mcas.ms/
  • http://rewards.usbank.com/
  • https://rewards.usbank.com/
3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rewards.usbank.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.127.184.113 , United States, ASN19137 (EPSILON-INTERACTIVE, US),
Reverse DNS
Software
Apache /
Resource Hash
ec163a7741ddcf0af2675ddcc70be20d7f830b969821ebdcd2b5d081b6a00417
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://onlinebanking.usbank.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, ALLOW_FROM https://onlinebanking.usbank.com

Request headers

Host
rewards.usbank.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 20 Nov 2020 21:56:04 GMT
Server
Apache
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN, ALLOW_FROM https://onlinebanking.usbank.com
Set-Cookie
JSESSIONID=node030joepaokru5do7virg8dke0379094.node0;Path=/;Secure;HttpOnly uat-cookie=!oIF97ekd2lFmyQfYFNCi8M0l4Lr318F2HUd6wZ+xbFVQD5ZtmrGuLOsVLMXdNo6mqt+20iEh1kBiMte+AgPye65fe0oi1/j5VVeT0ax8; path=/; Httponly; Secure
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Content-Security-Policy
frame-ancestors https://onlinebanking.usbank.com
Content-Length
3455
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html;charset=utf-8

Redirect headers

Location
https://rewards.usbank.com/
Server
BigIP
Connection
Keep-Alive
Content-Length
0
jquery.min.ACSHASH772fb04d4ce536dfb06c17e789ad4dbd.js
rewards.usbank.com/etc.clientlibs/clientlibs/granite/ 		111 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rewards.usbank.com/etc.clientlibs/clientlibs/granite/jquery.min.ACSHASH772fb04d4ce536dfb06c17e789ad4dbd.js
Requested by
Host: rewards.usbank.com
URL: https://rewards.usbank.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.127.184.113 , United States, ASN19137 (EPSILON-INTERACTIVE, US),
Reverse DNS
Software
Apache /
Resource Hash
b397476bcbcf8c9eae3f82007cc4f9495661b367e02e6d3dea6e15f0610ef20a
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://onlinebanking.usbank.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, ALLOW_FROM https://onlinebanking.usbank.com

Request headers

Referer
https://rewards.usbank.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 20 Nov 2020 21:56:04 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 01 Oct 2019 05:25:33 GMT
Server
Apache
ETag
"1baa2-593d294d5ad40"
X-Frame-Options
SAMEORIGIN, ALLOW_FROM https://onlinebanking.usbank.com
Content-Type
application/javascript;charset=utf-8
Content-Security-Policy
frame-ancestors https://onlinebanking.usbank.com
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
113314
clientlib-dependencies.min.ACSHASH03188ce372c21ce305b464a85218c012.js
rewards.usbank.com/etc.clientlibs/usbankrewards/clientlibs/ 		31 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rewards.usbank.com/etc.clientlibs/usbankrewards/clientlibs/clientlib-dependencies.min.ACSHASH03188ce372c21ce305b464a85218c012.js
Requested by
Host: rewards.usbank.com
URL: https://rewards.usbank.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.127.184.113 , United States, ASN19137 (EPSILON-INTERACTIVE, US),
Reverse DNS
Software
Apache /
Resource Hash
d7f511e3805e04f170e96129e65913e72b237486b6bdd97996b644bd752d064d
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://onlinebanking.usbank.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, ALLOW_FROM https://onlinebanking.usbank.com

Request headers

Referer
https://rewards.usbank.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 20 Nov 2020 21:56:04 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 09 Nov 2020 05:25:02 GMT
Server
Apache
ETag
"7c38-5b3a5c8b78780"
X-Frame-Options
SAMEORIGIN, ALLOW_FROM https://onlinebanking.usbank.com
Content-Type
application/javascript;charset=utf-8
Content-Security-Policy
frame-ancestors https://onlinebanking.usbank.com
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
31800
clientlib-dependencies.min.ACSHASHd41d8cd98f00b204e9800998ecf8427e.css
rewards.usbank.com/etc.clientlibs/usbankrewards/clientlibs/ 		0
459 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rewards.usbank.com/etc.clientlibs/usbankrewards/clientlibs/clientlib-dependencies.min.ACSHASHd41d8cd98f00b204e9800998ecf8427e.css
Requested by
Host: rewards.usbank.com
URL: https://rewards.usbank.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.127.184.113 , United States, ASN19137 (EPSILON-INTERACTIVE, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://onlinebanking.usbank.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, ALLOW_FROM https://onlinebanking.usbank.com

Request headers

Referer
https://rewards.usbank.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 20 Nov 2020 21:56:04 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 01 Oct 2019 05:25:33 GMT
Server
Apache
ETag
"0-593d294dc4f77"
X-Frame-Options
SAMEORIGIN, ALLOW_FROM https://onlinebanking.usbank.com
Content-Type
text/css;charset=utf-8
Content-Security-Policy
frame-ancestors https://onlinebanking.usbank.com
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
0
clientlib-base.min.ACSHASH9b5a60ac0304dc004278ecc8b06bdb29.css
rewards.usbank.com/etc.clientlibs/usbankrewards/clientlibs/ 		364 KB
364 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rewards.usbank.com/etc.clientlibs/usbankrewards/clientlibs/clientlib-base.min.ACSHASH9b5a60ac0304dc004278ecc8b06bdb29.css
Requested by
Host: rewards.usbank.com
URL: https://rewards.usbank.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.127.184.113 , United States, ASN19137 (EPSILON-INTERACTIVE, US),
Reverse DNS
Software
Apache /
Resource Hash
7f55d7345d149007c2805e663351a0dffe3339f97ce1d044396163d1a26c7389
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://onlinebanking.usbank.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, ALLOW_FROM https://onlinebanking.usbank.com

Request headers

Referer
https://rewards.usbank.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 20 Nov 2020 21:56:04 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 09 Nov 2020 05:25:02 GMT
Server
Apache
ETag
"5b005-5b3a5c8b78780"
X-Frame-Options
SAMEORIGIN, ALLOW_FROM https://onlinebanking.usbank.com
Content-Type
text/css;charset=utf-8
Content-Security-Policy
frame-ancestors https://onlinebanking.usbank.com
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
372741
Iframe-v3.min.js
us1-htp.tokenex.com/Iframe/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://us1-htp.tokenex.com/Iframe/Iframe-v3.min.js
Requested by
Host: rewards.usbank.com
URL: https://rewards.usbank.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.143.247.24 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
933058eb9fd90b573409962af683df2c22c9854fb2b91c154968fe379ce5b5d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rewards.usbank.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 28 Oct 2020 02:27:45 GMT
etag
"80664febd1acd61:0"
vary
Accept-Encoding
content-type
application/javascript
date
Fri, 20 Nov 2020 21:56:04 GMT
accept-ranges
bytes
content-length
2140
x-xss-protection
1; mode=block
launch-ENdd3c5cda58c54500aefd35f35e440ff9.min.js
assets.adobedtm.com/ 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/launch-ENdd3c5cda58c54500aefd35f35e440ff9.min.js
Requested by
Host: rewards.usbank.com
URL: https://rewards.usbank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c16403e1ad48a2f91eaf4fe57e0bace370f722a54850b9afd49cdeb9c173cdeb

Request headers

Referer
https://rewards.usbank.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 20 Nov 2020 21:56:05 GMT
content-encoding
gzip
last-modified
Sat, 03 Aug 2019 15:40:39 GMT
server
AkamaiNetStorage
etag
"60facb1584f55bb70e923285d71cc6cf:1564846839.474878"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://rewards.usbank.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
12143
expires
Fri, 20 Nov 2020 22:56:05 GMT
USB-RewardCenterGenericErrorBlue.png
rewards.usbank.com/content/dam/usbankrewards/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rewards.usbank.com/content/dam/usbankrewards/USB-RewardCenterGenericErrorBlue.png
Requested by
Host: rewards.usbank.com
URL: https://rewards.usbank.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.127.184.113 , United States, ASN19137 (EPSILON-INTERACTIVE, US),
Reverse DNS
Software
Apache /
Resource Hash
34aea25144a9791cda4945ab29736107aeadf8c4b922a244e24eb10602cc1b5f
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://onlinebanking.usbank.com
X-Frame-Options SAMEORIGIN, ALLOW_FROM https://onlinebanking.usbank.com

Request headers

Referer
https://rewards.usbank.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 20 Nov 2020 21:56:05 GMT
Last-Modified
Tue, 01 Oct 2019 05:25:40 GMT
Server
Apache
ETag
"1d47-593d295407d00"
X-Frame-Options
SAMEORIGIN, ALLOW_FROM https://onlinebanking.usbank.com
Content-Type
image/png
Content-Disposition
attachment
Content-Security-Policy
frame-ancestors https://onlinebanking.usbank.com
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
7495
clientlib-base.min.ACSHASHbbd56d94e8d1f75819e8418c1a47c43b.js
rewards.usbank.com/etc.clientlibs/usbankrewards/clientlibs/ 		410 KB
410 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rewards.usbank.com/etc.clientlibs/usbankrewards/clientlibs/clientlib-base.min.ACSHASHbbd56d94e8d1f75819e8418c1a47c43b.js
Requested by
Host: rewards.usbank.com
URL: https://rewards.usbank.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.127.184.113 , United States, ASN19137 (EPSILON-INTERACTIVE, US),
Reverse DNS
Software
Apache /
Resource Hash
04218b461ca9e46bbea8b52fda187d7e24054c8d768d278e638f0bb01462b7ce
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://onlinebanking.usbank.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, ALLOW_FROM https://onlinebanking.usbank.com

Request headers

Referer
https://rewards.usbank.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 20 Nov 2020 21:56:05 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 09 Nov 2020 05:25:02 GMT
Server
Apache
ETag
"66749-5b3a5c8b78780"
X-Frame-Options
SAMEORIGIN, ALLOW_FROM https://onlinebanking.usbank.com
Content-Type
application/javascript;charset=utf-8
Content-Security-Policy
frame-ancestors https://onlinebanking.usbank.com
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
419657
token.json
rewards.usbank.com/libs/granite/csrf/ 		2 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rewards.usbank.com/libs/granite/csrf/token.json
Requested by
Host: rewards.usbank.com
URL: https://rewards.usbank.com/etc.clientlibs/usbankrewards/clientlibs/clientlib-dependencies.min.ACSHASH03188ce372c21ce305b464a85218c012.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.127.184.113 , United States, ASN19137 (EPSILON-INTERACTIVE, US),
Reverse DNS
Software
Apache /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://onlinebanking.usbank.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, ALLOW_FROM https://onlinebanking.usbank.com

Request headers

Referer
https://rewards.usbank.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 20 Nov 2020 21:56:05 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN, ALLOW_FROM https://onlinebanking.usbank.com
Content-Type
application/json;charset=iso-8859-1
Cache-Control
no-cache
Content-Security-Policy
frame-ancestors https://onlinebanking.usbank.com
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
2
Expires
-1
AppMeasurement.min.js
assets.adobedtm.com/extensions/EP6989456eab6f4f618b15e82840ffd69b/ 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EP6989456eab6f4f618b15e82840ffd69b/AppMeasurement.min.js
Requested by
Host: rewards.usbank.com
URL: https://rewards.usbank.com/etc.clientlibs/usbankrewards/clientlibs/clientlib-dependencies.min.ACSHASH03188ce372c21ce305b464a85218c012.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Apache /
Resource Hash
d8b202fcb71f89cc175a962403911ee3da6d9736dd79b4ae3f4d5b972400bee2

Request headers

Referer
https://rewards.usbank.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 20 Nov 2020 21:56:05 GMT
content-encoding
gzip
last-modified
Wed, 17 Jul 2019 21:32:04 GMT
server
Apache
etag
"fdc98c35f4bd77deab73aab133e4f8bd:1563399124"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://rewards.usbank.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
13098
expires
Fri, 20 Nov 2020 22:56:05 GMT
jquery.mousewheel.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js
Requested by
Host: rewards.usbank.com
URL: https://rewards.usbank.com/etc.clientlibs/usbankrewards/clientlibs/clientlib-dependencies.min.ACSHASH03188ce372c21ce305b464a85218c012.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000

Request headers

Referer
https://rewards.usbank.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 20 Nov 2020 21:56:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
39481
x-via
cfworker/kv
cross-origin-resource-policy
cross-origin
content-length
1046
cf-request-id
0689415e6c00002fa546101000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
etag
"5eb03ec2-ad3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xJhBRMi2%2B1v8EAW2Z8XPhHx%2FnXsYvKHVDQgPU2T%2Ba0YKjSB3hYB5Ze8Pgrqrlz4iF22%2FebY6sqjlnOUa2xieyJshrmFaGjqGEoActxsAh0MAp3I8YT7FvyZADYFkOSVGuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5f556b43d8232fa5-FRA
expires
Wed, 10 Nov 2021 21:56:06 GMT
s58354455519751
usbank1.d2.sc.omtrdc.net/b/ss/usbepsilonprod/1/JS-2.15.0-L9UP/
Redirect Chain
  • https://usbank1.d2.sc.omtrdc.net/b/ss/usbepsilonprod/1/JS-2.15.0-L9UP/s58354455519751?AQB=1&ndh=1&pf=1&t=20%2F10%2F2020%2022%3A56%3A6%205%20-60&fid=2CBB4ED28C28876B-39BF292B8ABCFBEC&ce=UTF-8&pageNa...
  • https://usbank1.d2.sc.omtrdc.net/b/ss/usbepsilonprod/1/JS-2.15.0-L9UP/s58354455519751?AQB=1&pccr=true&ndh=1&pf=1&t=20%2F10%2F2020%2022%3A56%3A6%205%20-60&fid=2CBB4ED28C28876B-39BF292B8ABCFBEC&ce=UT...
43 B
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usbank1.d2.sc.omtrdc.net/b/ss/usbepsilonprod/1/JS-2.15.0-L9UP/s58354455519751?AQB=1&pccr=true&ndh=1&pf=1&t=20%2F10%2F2020%2022%3A56%3A6%205%20-60&fid=2CBB4ED28C28876B-39BF292B8ABCFBEC&ce=UTF-8&pageName=Access%20Denied&g=https%3A%2F%2Frewards.usbank.com%2F&cc=USD&events=event1&v10=Access%20Denied&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Requested by
Host: rewards.usbank.com
URL: https://rewards.usbank.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.237.76.117 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-237-76-117.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rewards.usbank.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 20 Nov 2020 21:56:06 GMT
x-content-type-options
nosniff
x-c
master-1404.I1e61f9.M0-468
p3p
CP="This is not a P3P policy"
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sat, 21 Nov 2020 21:56:06 GMT
server
jag
xserver
anedge-f7bfdfcfd-vwgd7
etag
3448664103740342272-4621514515585843621
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Thu, 19 Nov 2020 21:56:06 GMT

Redirect headers

pragma
no-cache
date
Fri, 20 Nov 2020 21:56:06 GMT
x-content-type-options
nosniff
last-modified
Sat, 21 Nov 2020 21:56:06 GMT
server
jag
access-control-allow-origin
*
xserver
anedge-f7bfdfcfd-nz4jt
x-c
master-1404.I1e61f9.M0-468
p3p
CP="This is not a P3P policy"
location
https://usbank1.d2.sc.omtrdc.net/b/ss/usbepsilonprod/1/JS-2.15.0-L9UP/s58354455519751?AQB=1&pccr=true&ndh=1&pf=1&t=20%2F10%2F2020%2022%3A56%3A6%205%20-60&fid=2CBB4ED28C28876B-39BF292B8ABCFBEC&ce=UTF-8&pageName=Access%20Denied&g=https%3A%2F%2Frewards.usbank.com%2F&cc=USD&events=event1&v10=Access%20Denied&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-type
text/plain;charset=utf-8
content-length
0
x-xss-protection
1; mode=block
expires
Thu, 19 Nov 2020 21:56:06 GMT
s5427798554656
usbank1.d2.sc.omtrdc.net/b/ss/usbepsilonprod/1/JS-2.15.0-L9UP/ 		43 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usbank1.d2.sc.omtrdc.net/b/ss/usbepsilonprod/1/JS-2.15.0-L9UP/s5427798554656?AQB=1&ndh=1&pf=1&t=20%2F10%2F2020%2022%3A56%3A10%205%20-60&fid=2CBB4ED28C28876B-39BF292B8ABCFBEC&ce=UTF-8&pageName=Access%20Denied&g=https%3A%2F%2Frewards.usbank.com%2F&cc=USD&events=event1%2Cevent1&v10=Access%20Denied&pe=lnk_o&pev2=link%20clicked&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&lrt=175&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.237.76.117 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-237-76-117.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rewards.usbank.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 20 Nov 2020 21:56:10 GMT
x-content-type-options
nosniff
x-c
master-1404.I1e61f9.M0-468
p3p
CP="This is not a P3P policy"
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sat, 21 Nov 2020 21:56:10 GMT
server
jag
xserver
anedge-f7bfdfcfd-wc48d
etag
3448664112330276864-4621726002460446942
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Thu, 19 Nov 2020 21:56:10 GMT

Verdicts & Comments Add Verdict or Comment

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| matched object| browser object| Granite object| _g function| $CQ object| CQ undefined| G_XHR_HOOK undefined| G_RELOAD_HOOK undefined| G_IS_HOOKED undefined| G_CONTENT_PATH object| TokenEx object| _satellite boolean| __satelliteLoaded function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s_c_il number| s_c_in function| sliderContainerCatalog function| slickSlider function| ieStartsWith function| ieEndsWith function| conversionData object| progress undefined| current_fs undefined| next_fs undefined| previous_fs undefined| left undefined| opacity undefined| scale undefined| animating function| moveToNextStep function| moveToPrevStep object| validatorOptions function| incrementCheck function| fidincrementCheck function| bmwincrementCheck function| isValidPassword function| fieldMatch function| householdNum function| numValidator function| pointRangeRedemp function| isValidZip function| checkString function| checkCity function| checkAccInput function| checkAlpha function| checkalphanumeric function| checknickname function| checkInput function| checkRouting function| checkAccountVal function| replaceInvalid function| replaceAnInvalid function| checkInputDec function| checkInputDollarDec function| checkCC function| checkPhone function| ValidateEmail function| minLength function| minlengthFidAcc function| checkPoints function| checkFidPoints function| CCNumberValid function| checkDate function| formatString function| dateFormatCheck function| ageCheck function| startDateCheck function| calcincrementalOrderCost function| minlengthAcc function| calcmaxDollars function| calcMatmidPoints function| checkinstock function| isNumInteger undefined| xmlHttp function| srvTime object| overlayBtn function| convertPointsToDollar function| convertDollarToPoints function| calculatePercentageVal function| Popper object| bootstrap function| SelectBox boolean| mCustomScrollbar string| url string| domain string| server undefined| domainArray object| dataLayer object| s_i_usbepsilonprod

4 Cookies

Domain/Path Name / Value
.usbank.com/ Name: s_cc
Value: true
.usbank.com/ Name: s_fid
Value: 2CBB4ED28C28876B-39BF292B8ABCFBEC
rewards.usbank.com/ Name: uat-cookie
Value: !oIF97ekd2lFmyQfYFNCi8M0l4Lr318F2HUd6wZ+xbFVQD5ZtmrGuLOsVLMXdNo6mqt+20iEh1kBiMte+AgPye65fe0oi1/j5VVeT0ax8
rewards.usbank.com/ Name: JSESSIONID
Value: node030joepaokru5do7virg8dke0379094.node0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors https://onlinebanking.usbank.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, ALLOW_FROM https://onlinebanking.usbank.com