urlscan.io logo urlscan.io
SecurityTrails logo

portal.cardaccesssite.com Open in urlscan Pro
2a02:26f0:dc:39a::39f0  Public Scan

Go To Rescan Add Verdict Report
URL: https://portal.cardaccesssite.com/web/KPFtemp/login
Submission: On February 03 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 37 HTTP transactions. The main IP is 2a02:26f0:dc:39a::39f0, located in Vienna, Austria and belongs to AKAMAI-ASN1, NL. The main domain is portal.cardaccesssite.com. The Cisco Umbrella rank of the primary domain is 767721.
TLS certificate: Issued by Entrust Certification Authority - L1M on May 25th 2022. Valid for: a year.
This is the only time portal.cardaccesssite.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
33 2a02:26f0:dc:... 20940 (AKAMAI-ASN1)
2 143.204.89.24 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
37 3
Apex Domain
Subdomains		 Transfer
33 cardaccesssite.com
portal.cardaccesssite.com — Cisco Umbrella Rank: 767721
694 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 21
20 KB
2 appdynamics.com
cdn.appdynamics.com — Cisco Umbrella Rank: 3295
55 KB
37 3
Domain Requested by
33 portal.cardaccesssite.com portal.cardaccesssite.com
cdn.appdynamics.com
2 www.google-analytics.com portal.cardaccesssite.com
cdn.appdynamics.com
2 cdn.appdynamics.com portal.cardaccesssite.com
cdn.appdynamics.com
37 3

This site contains links to these domains. Also see Links.

Domain
www.usbank.com
Subject Issuer Validity Valid
usb.usbank.com
Entrust Certification Authority - L1M		 2022-05-25 -
2023-05-25		 a year crt.sh
*.appdynamics.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-17 -
2023-07-22		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://portal.cardaccesssite.com/web/KPFtemp/login
Frame ID: 7110566D0BFA97751EC4775155C7F6C6
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

My Login

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • adrum
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

37
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

769 kB
Transfer

2182 kB
Size

16
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
portal.cardaccesssite.com/web/KPFtemp/ 		42 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://portal.cardaccesssite.com/web/KPFtemp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:26f0:dc:39a::39f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
server /
Resource Hash
784b9dcd7e4b8591c6fd0d0936c9ac52689edacf98cc7f9e6ef49bedf56a9ec0
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
content-type
text/html;charset=UTF-8
date
Fri, 03 Feb 2023 22:04:33 GMT
liferay-portal
Liferay DXP Digital Enterprise
referrer-policy
strict-origin-when-cross-origin
server
server
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-akamai-transformed
9 9080 0 pmb=mTOE,1
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-xss-protection
1; mode=block
mentions.css
portal.cardaccesssite.com/o/mentions-web/css/ 		563 B
590 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.cardaccesssite.com/o/mentions-web/css/mentions.css
Requested by
Host: portal.cardaccesssite.com
URL: https://portal.cardaccesssite.com/web/KPFtemp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:26f0:dc:39a::39f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
server /
Resource Hash
b1446f4e069d42d0c51dc67f91a42f8fc5df6669310c8b8842eb8b6ab310a916
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.cardaccesssite.com/web/KPFtemp/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
content-encoding
gzip
server
server
date
Fri, 03 Feb 2023 22:04:33 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2024735
content-length
227
x-xss-protection
1; mode=block
expires
Mon, 27 Feb 2023 08:30:08 GMT
main.css
portal.cardaccesssite.com/o/dynamic-data-mapping-form-renderer/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.cardaccesssite.com/o/dynamic-data-mapping-form-renderer/css/main.css
Requested by
Host: portal.cardaccesssite.com
URL: https://portal.cardaccesssite.com/web/KPFtemp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:26f0:dc:39a::39f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
server /
Resource Hash
28a48f1cf78d32b463a3b9ee973b2700322408026357f0c45f5cd2c6bbca3923
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.cardaccesssite.com/web/KPFtemp/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
content-encoding
gzip
server
server
date
Fri, 03 Feb 2023 22:04:33 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2024705
content-length
724
x-xss-protection
1; mode=block
expires
Mon, 27 Feb 2023 08:29:38 GMT
aui.css
portal.cardaccesssite.com/o/kroger-comp-theme/css/ 		446 KB
66 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.cardaccesssite.com/o/kroger-comp-theme/css/aui.css?browserId=other&themeId=krogertemp_WAR_krogercomptheme&minifierType=css&languageId=en_US&b=7010&t=1674881746989
Requested by
Host: portal.cardaccesssite.com
URL: https://portal.cardaccesssite.com/web/KPFtemp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:26f0:dc:39a::39f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
server /
Resource Hash
f2cf8c48c6627fe010ef96794ed28e6d7b1a3f4e855188c41d38f25ae1d40259
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.cardaccesssite.com/web/KPFtemp/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
content-encoding
gzip
server
server
date
Fri, 03 Feb 2023 22:04:33 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2033132
content-length
67226
x-xss-protection
1; mode=block
expires
Mon, 27 Feb 2023 10:50:05 GMT
main.css
portal.cardaccesssite.com/o/frontend-css-web/ 		104 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.cardaccesssite.com/o/frontend-css-web/main.css?browserId=other&themeId=krogertemp_WAR_krogercomptheme&minifierType=css&languageId=en_US&b=7010&t=1674881665765
Requested by
Host: portal.cardaccesssite.com
URL: https://portal.cardaccesssite.com/web/KPFtemp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:26f0:dc:39a::39f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
server /
Resource Hash
7de98c925e713a690fdb8587625c755ea520e3eb533c8c3489dd9afd8e425eac
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.cardaccesssite.com/web/KPFtemp/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
content-encoding
gzip
server
server
date
Fri, 03 Feb 2023 22:04:33 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2024789
content-length
18262
x-xss-protection
1; mode=block
expires
Mon, 27 Feb 2023 08:31:02 GMT
combo
portal.cardaccesssite.com/ 		10 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.cardaccesssite.com/combo?browserId=other&minifierType=&themeId=krogertemp_WAR_krogercomptheme&languageId=en_US&b=7010&MultiStageFSVpasswordlogin_WAR_cardportal7:%2Fassets%2Fcss%2Fnew.css&com_liferay_journal_content_web_portlet_JournalContentPortlet_INSTANCE_iP42yq8lSuL1:%2Fcss%2Fmain.css&com_liferay_product_navigation_product_menu_web_portlet_ProductMenuPortlet:%2Fcss%2Fmain.css&t=1674903562000
Requested by
Host: portal.cardaccesssite.com
URL: https://portal.cardaccesssite.com/web/KPFtemp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:26f0:dc:39a::39f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
server /
Resource Hash
3f76ba35022028ac1a49ad9c57e3d8043eaee89a95ec50f1638df727a12f2d63
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.cardaccesssite.com/web/KPFtemp/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
content-encoding
gzip
server
server
date
Fri, 03 Feb 2023 22:04:33 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000, public
content-length
2633
x-xss-protection
1; mode=block
expires
Mon, 31 Jan 2033 22:04:33 GMT
js_loader_modules
portal.cardaccesssite.com/o/ 		114 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.cardaccesssite.com/o/js_loader_modules?t=1674881746989
Requested by
Host: portal.cardaccesssite.com
URL: https://portal.cardaccesssite.com/web/KPFtemp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:26f0:dc:39a::39f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
server /
Resource Hash
8f195faace4fff858d5e97a705a8d8053a823164b4f4709c3e2addd8982a6338
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.cardaccesssite.com/web/KPFtemp/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
server
date
Fri, 03 Feb 2023 22:04:33 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/javascript;charset=UTF-8
x-xss-protection
1; mode=block
everything.jsp
portal.cardaccesssite.com/o/frontend-js-web/ 		696 KB
214 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.cardaccesssite.com/o/frontend-js-web/everything.jsp?browserId=other&themeId=krogertemp_WAR_krogercomptheme&colorSchemeId=01&minifierType=js&minifierBundleId=javascript.everything.files&languageId=en_US&b=7010&t=1674881666104
Requested by
Host: portal.cardaccesssite.com
URL: https://portal.cardaccesssite.com/web/KPFtemp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:26f0:dc:39a::39f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
server /
Resource Hash
5d6e01274c3a1a4ce1ea589627aa77a93c723cea1f881ccad69eb81c7f418939
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.cardaccesssite.com/web/KPFtemp/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
content-encoding
gzip
server
server
date
Fri, 03 Feb 2023 22:04:33 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/javascript
cache-control
public, max-age=2024795
content-length
218541
x-xss-protection
1; mode=block
expires
Mon, 27 Feb 2023 08:31:08 GMT
js_bundle_config
portal.cardaccesssite.com/o/ 		40 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.cardaccesssite.com/o/js_bundle_config?t=1674881749108
Requested by
Host: portal.cardaccesssite.com
URL: https://portal.cardaccesssite.com/web/KPFtemp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:26f0:dc:39a::39f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
server /
Resource Hash
8e05ad6b358c8967c47bf45f6c2e66ce24187b4b1c9fd47a7ccd0862d6529181
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.cardaccesssite.com/web/KPFtemp/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
server
date
Fri, 03 Feb 2023 22:04:33 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/javascript;charset=UTF-8
x-xss-protection
1; mode=block
combo
portal.cardaccesssite.com/ 		66 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.cardaccesssite.com/combo?browserId=other&minifierType=&themeId=krogertemp_WAR_krogercomptheme&languageId=en_US&b=7010&MultiStageFSVpasswordlogin_WAR_cardportal7:%2Fassets%2Fyui%2Fbuild%2Fyuiloader%2Fyuiloader-min.js&MultiStageFSVpasswordlogin_WAR_cardportal7:%2Fassets%2Fyui%2Fbuild%2Fevent%2Fevent-min.js&MultiStageFSVpasswordlogin_WAR_cardportal7:%2Fassets%2Fyui%2Fbuild%2Fconnection%2Fconnection-min.js&MultiStageFSVpasswordlogin_WAR_cardportal7:%2Fassets%2Fyui%2Fbuild%2Fjson%2Fjson-min.js&MultiStageFSVpasswordlogin_WAR_cardportal7:%2Fassets%2Fyui%2Fbuild%2Fcookie%2Fcookie-min.js&MultiStageFSVpasswordlogin_WAR_cardportal7:%2Fassets%2Fjs%2Fjsvalidate.js&t=1674903562000
Requested by
Host: portal.cardaccesssite.com
URL: https://portal.cardaccesssite.com/web/KPFtemp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:26f0:dc:39a::39f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
server /
Resource Hash
4aeb414a485d2327497fc63464425234e8c01c5dc849cf11033669e2a2e5a1e6
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.cardaccesssite.com/web/KPFtemp/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
content-encoding
gzip
server
server
date
Fri, 03 Feb 2023 22:04:33 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=315360000, public
content-length
21000
x-xss-protection
1; mode=block
expires
Mon, 31 Jan 2033 22:04:33 GMT
main.css
portal.cardaccesssite.com/o/kroger-comp-theme/css/ 		80 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.cardaccesssite.com/o/kroger-comp-theme/css/main.css?browserId=other&themeId=krogertemp_WAR_krogercomptheme&minifierType=css&languageId=en_US&b=7010&t=1674881746989
Requested by
Host: portal.cardaccesssite.com
URL: https://portal.cardaccesssite.com/web/KPFtemp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:26f0:dc:39a::39f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
server /
Resource Hash
f01c129b7a1e842fca69afa9ddf9d290849d9dceb41802795923079c8e952e3f
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.cardaccesssite.com/web/KPFtemp/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
content-encoding
gzip
server
server
date
Fri, 03 Feb 2023 22:04:33 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2033181
content-length
15753
x-xss-protection
1; mode=block
expires
Mon, 27 Feb 2023 10:50:54 GMT
combo
portal.cardaccesssite.com/ 		28 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.cardaccesssite.com/combo?browserId=other&minifierType=css&languageId=en_US&b=7010&t=1674881655298&/o/product-navigation-simulation-theme-contributor/css/simulation_panel.css&/o/product-navigation-control-menu-theme-contributor/css/showToggle-contributor.css&/o/product-navigation-product-menu-dxp-theme-contributor/product_navigation_product_menu.css&/o/product-navigation-control-menu-dxp-theme-contributor/product_navigation_control_menu.css
Requested by
Host: portal.cardaccesssite.com
URL: https://portal.cardaccesssite.com/web/KPFtemp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:26f0:dc:39a::39f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
server /
Resource Hash
cb0811cbffffe4fb13996cd6ddcb70d5b845d585e26b9c27a657f32b700fc0a0
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.cardaccesssite.com/web/KPFtemp/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
content-encoding
gzip
server
server
date
Fri, 03 Feb 2023 22:04:33 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000, public
content-length
4789
x-xss-protection
1; mode=block
expires
Mon, 31 Jan 2033 22:04:33 GMT
combo
portal.cardaccesssite.com/ 		466 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.cardaccesssite.com/combo?browserId=other&minifierType=js&languageId=en_US&b=7010&t=1674881655298&/o/product-navigation-control-menu-theme-contributor/js/showToggle-contributor.js&/o/product-navigation-control-menu-dxp-theme-contributor/product_navigation_control_menu.js
Requested by
Host: portal.cardaccesssite.com
URL: https://portal.cardaccesssite.com/web/KPFtemp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:26f0:dc:39a::39f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
server /
Resource Hash
6b305c807c5e6c509163a6f330f439dd52308b98173874b2918b603f9a960dc1
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.cardaccesssite.com/web/KPFtemp/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
content-encoding
gzip
server
server
date
Fri, 03 Feb 2023 22:04:33 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=315360000, public
content-length
298
x-xss-protection
1; mode=block
expires
Mon, 31 Jan 2033 22:04:33 GMT
main.css
portal.cardaccesssite.com/o/cardholder-portal-theme/css/ 		37 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.cardaccesssite.com/o/cardholder-portal-theme/css/main.css?browserId=other&themeId=krogertemp_WAR_krogercomptheme&minifierType=css&languageId=en_US&b=7010&t=1674881746989
Requested by
Host: portal.cardaccesssite.com
URL: https://portal.cardaccesssite.com/web/KPFtemp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:26f0:dc:39a::39f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
server /
Resource Hash
dc91fdade3effc0eb4df756dc370ba5ef4dadf2eea63eabfbf45194c7e39d6cc
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.cardaccesssite.com/web/KPFtemp/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
content-encoding
gzip
server
server
date
Fri, 03 Feb 2023 22:04:33 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2033107
content-length
8067
x-xss-protection
1; mode=block
expires
Mon, 27 Feb 2023 10:49:40 GMT
kpftemp.css
portal.cardaccesssite.com/o/kroger-comp-theme/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.cardaccesssite.com/o/kroger-comp-theme/css/kpftemp.css?browserId=other&themeId=krogertemp_WAR_krogercomptheme&minifierType=css&languageId=en_US&b=7010&t=1674881746989
Requested by
Host: portal.cardaccesssite.com
URL: https://portal.cardaccesssite.com/web/KPFtemp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:26f0:dc:39a::39f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
server /
Resource Hash
c15bcefc821af787c8da9b809ccf8c73043a49873ffc329f537759493cf00731
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.cardaccesssite.com/web/KPFtemp/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
content-encoding
gzip
server
server
date
Fri, 03 Feb 2023 22:04:33 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2033198
content-length
1827
x-xss-protection
1; mode=block
expires
Mon, 27 Feb 2023 10:51:11 GMT
d6ba2b93-9054-94db-bef0-cda8146e4a61
portal.cardaccesssite.com/documents/466534/28717677/Kroger_Logo_RGB.pdf/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.cardaccesssite.com/documents/466534/28717677/Kroger_Logo_RGB.pdf/d6ba2b93-9054-94db-bef0-cda8146e4a61
Requested by
Host: portal.cardaccesssite.com
URL: https://portal.cardaccesssite.com/web/KPFtemp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:26f0:dc:39a::39f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.cardaccesssite.com/web/KPFtemp/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 15:28:30 GMT
server
server
date
Fri, 03 Feb 2023 22:04:34 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/pdf
cache-control
private
content-disposition
inline; filename="Kroger_Logo_RGB.pdf"
content-length
630690
x-xss-protection
1; mode=block
adrum-4.5.17.2890.js
cdn.appdynamics.com/adrum/ 		96 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.appdynamics.com/adrum/adrum-4.5.17.2890.js
Requested by
Host: portal.cardaccesssite.com
URL: https://portal.cardaccesssite.com/web/KPFtemp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-24.fra50.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash
3a7a992929b0af019d45d0b1707be3cfee029fb7c760300f9727ffb1e5fae507

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.cardaccesssite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 06:11:59 GMT
content-encoding
gzip
via
1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
2562755
x-cache
Hit from cloudfront
last-modified
Thu, 16 Jan 2020 22:53:27 GMT
server
nginx/1.16.1
etag
W/"5e20e967-18083"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2678400, s-max-age=14400
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
PPSKvQWeJetI5OAWd9-ms6kBwd80WZaGhDTDuAQwzhxH_mcpKfAP5A==
cardid-help.png
portal.cardaccesssite.com/o/cardportal7/assets/images/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.cardaccesssite.com/o/cardportal7/assets/images/cardid-help.png
Requested by
Host: portal.cardaccesssite.com
URL: https://portal.cardaccesssite.com/web/KPFtemp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:26f0:dc:39a::39f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
server /
Resource Hash
85e347cd74b493c456932df77810cd6182ff1340a1ec0c8554512956ca805f7d
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.cardaccesssite.com/web/KPFtemp/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Fri, 14 Oct 2022 20:20:42 GMT
server
server
date
Fri, 03 Feb 2023 22:04:34 GMT
etag
"cb73a7c1"
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/png
cache-control
public, max-age=2136467
content-length
17095
x-xss-protection
1; mode=block
expires
Tue, 28 Feb 2023 15:32:21 GMT
main.js
portal.cardaccesssite.com/o/kroger-comp-theme/js/ 		18 B
403 B 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.cardaccesssite.com/o/kroger-comp-theme/js/main.js?browserId=other&minifierType=js&languageId=en_US&b=7010&t=1674881746989
Requested by
Host: portal.cardaccesssite.com
URL: https://portal.cardaccesssite.com/web/KPFtemp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:26f0:dc:39a::39f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
server /
Resource Hash
13008db630827d071ad4309dd42b86b527bd8d350a208f12a5a4149cf94145ed
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.cardaccesssite.com/web/KPFtemp/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
content-encoding
gzip
server
server
date
Fri, 03 Feb 2023 22:04:34 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=2060729
content-length
35
x-xss-protection
1; mode=block
expires
Mon, 27 Feb 2023 18:30:03 GMT
1YrS0U
portal.cardaccesssite.com/XgYpVrlJfFRG/Ap/9Y6cj775Zo/uaEiLkbf/HXYyb00D/IDsiI/ 		182 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.cardaccesssite.com/XgYpVrlJfFRG/Ap/9Y6cj775Zo/uaEiLkbf/HXYyb00D/IDsiI/1YrS0U
Requested by
Host: portal.cardaccesssite.com
URL: https://portal.cardaccesssite.com/web/KPFtemp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:26f0:dc:39a::39f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
233a5cb7ccfbad3e40b0984592960920bdcf915fd9d987ae3d5ebabcb32e86c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.cardaccesssite.com/web/KPFtemp/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 22:04:34 GMT
content-encoding
gzip
last-modified
Mon, 05 Dec 2022 18:21:50 GMT
etag
"c065b170d98e55180d9d0ec22203687e78580f5a9c71964c6b1b97f01595bfe0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=21600
content-length
72934
jquery-combine.js
portal.cardaccesssite.com/o/cardholder-portal-theme/js/ 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.cardaccesssite.com/o/cardholder-portal-theme/js/jquery-combine.js?browserId=other&minifierType=js&languageId=en_US&b=7010&t=1674881746989
Requested by
Host: portal.cardaccesssite.com
URL: https://portal.cardaccesssite.com/web/KPFtemp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:26f0:dc:39a::39f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
server /
Resource Hash
ec8055d3cce09e30e9b2701dac05930451db2b80339d335738c410fa7a05f146
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.cardaccesssite.com/web/KPFtemp/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
content-encoding
gzip
server
server
date
Fri, 03 Feb 2023 22:04:34 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=2033209
content-length
7513
x-xss-protection
1; mode=block
expires
Mon, 27 Feb 2023 10:51:23 GMT
common-1.0.js
portal.cardaccesssite.com/o/cardholder-portal-theme/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.cardaccesssite.com/o/cardholder-portal-theme/js/common-1.0.js?browserId=other&minifierType=js&languageId=en_US&b=7010&t=1674881746989
Requested by
Host: portal.cardaccesssite.com
URL: https://portal.cardaccesssite.com/web/KPFtemp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:26f0:dc:39a::39f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
server /
Resource Hash
542ae80e2649f86b2f30e3e80290ea0d5dc7d5322df531f5caef4f489ca08265
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.cardaccesssite.com/web/KPFtemp/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
content-encoding
gzip
server
server
date
Fri, 03 Feb 2023 22:04:34 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=2037119
content-length
3056
x-xss-protection
1; mode=block
expires
Mon, 27 Feb 2023 11:56:33 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: portal.cardaccesssite.com
URL: https://portal.cardaccesssite.com/web/KPFtemp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.cardaccesssite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 03 Feb 2023 20:54:50 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
4184
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Fri, 03 Feb 2023 22:54:50 GMT
/
portal.cardaccesssite.com/combo/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.cardaccesssite.com/combo/?browserId=other&minifierType=&languageId=en_US&b=7010&t=1674881666104&/o/frontend-js-spa-web/liferay/init.es.js
Requested by
Host: portal.cardaccesssite.com
URL: https://portal.cardaccesssite.com/o/frontend-js-web/everything.jsp?browserId=other&themeId=krogertemp_WAR_krogercomptheme&colorSchemeId=01&minifierType=js&minifierBundleId=javascript.everything.files&languageId=en_US&b=7010&t=1674881666104
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:26f0:dc:39a::39f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
server /
Resource Hash
79e07f9be61abd6af96d40394b88b6ee554bed43bd168d9e77274ecff8a71ae1
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.cardaccesssite.com/web/KPFtemp/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
content-encoding
gzip
server
server
date
Fri, 03 Feb 2023 22:04:34 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=315360000, public
content-length
913
x-xss-protection
1; mode=block
expires
Mon, 31 Jan 2033 22:04:34 GMT
blueelite-body_bg.gif
portal.cardaccesssite.com/o/kroger-comp-theme/images/FSV/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.cardaccesssite.com/o/kroger-comp-theme/images/FSV/blueelite-body_bg.gif
Requested by
Host: portal.cardaccesssite.com
URL: https://portal.cardaccesssite.com/o/kroger-comp-theme/css/main.css?browserId=other&themeId=krogertemp_WAR_krogercomptheme&minifierType=css&languageId=en_US&b=7010&t=1674881746989
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:26f0:dc:39a::39f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
server /
Resource Hash
8529e1518a9f4287630af4a4404231c179f9bc3d56f5574eb8d974388a3ef53e
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.cardaccesssite.com/o/kroger-comp-theme/css/main.css?browserId=other&themeId=krogertemp_WAR_krogercomptheme&minifierType=css&languageId=en_US&b=7010&t=1674881746989
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Fri, 16 Aug 2019 21:25:02 GMT
server
server
date
Fri, 03 Feb 2023 22:04:34 GMT
etag
"7c5d7311"
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/gif
cache-control
public, max-age=2078020
content-length
1694
x-xss-protection
1; mode=block
expires
Mon, 27 Feb 2023 23:18:14 GMT
header.png
portal.cardaccesssite.com/o/kroger-comp-theme/images/kroger-1-2-3/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.cardaccesssite.com/o/kroger-comp-theme/images/kroger-1-2-3/header.png
Requested by
Host: portal.cardaccesssite.com
URL: https://portal.cardaccesssite.com/o/kroger-comp-theme/css/kpftemp.css?browserId=other&themeId=krogertemp_WAR_krogercomptheme&minifierType=css&languageId=en_US&b=7010&t=1674881746989
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:26f0:dc:39a::39f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
server /
Resource Hash
a59ae007953e2b68c5283e6086838039678bf23ce4f05052305a3e6f1c75ed5b
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.cardaccesssite.com/o/kroger-comp-theme/css/kpftemp.css?browserId=other&themeId=krogertemp_WAR_krogercomptheme&minifierType=css&languageId=en_US&b=7010&t=1674881746989
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Fri, 16 Aug 2019 21:25:02 GMT
server
server
date
Fri, 03 Feb 2023 22:04:34 GMT
etag
"ad8a8027"
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/png
cache-control
public, max-age=2060702
content-length
8681
x-xss-protection
1; mode=block
expires
Mon, 27 Feb 2023 18:29:36 GMT
input_shadow.png
portal.cardaccesssite.com/o/cardholder-portal-theme/images/forms/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.cardaccesssite.com/o/cardholder-portal-theme/images/forms/input_shadow.png
Requested by
Host: portal.cardaccesssite.com
URL: https://portal.cardaccesssite.com/o/cardholder-portal-theme/css/main.css?browserId=other&themeId=krogertemp_WAR_krogercomptheme&minifierType=css&languageId=en_US&b=7010&t=1674881746989
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:26f0:dc:39a::39f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
server /
Resource Hash
576a337196cddc59f9865d93f470ea377c1770390402b08c788f497f71192449
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.cardaccesssite.com/o/cardholder-portal-theme/css/main.css?browserId=other&themeId=krogertemp_WAR_krogercomptheme&minifierType=css&languageId=en_US&b=7010&t=1674881746989
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Tue, 12 Feb 2019 02:59:14 GMT
server
server
date
Fri, 03 Feb 2023 22:04:34 GMT
etag
"e8628fec"
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/png
cache-control
public, max-age=2060760
content-length
2108
x-xss-protection
1; mode=block
expires
Mon, 27 Feb 2023 18:30:34 GMT
enter-inactive.png
portal.cardaccesssite.com/o/cardportal7/assets/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.cardaccesssite.com/o/cardportal7/assets/images/enter-inactive.png
Requested by
Host: portal.cardaccesssite.com
URL: https://portal.cardaccesssite.com/web/KPFtemp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:26f0:dc:39a::39f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
server /
Resource Hash
b9bcff80309ef56a1b8eb29fe9221c564cad1f050a36ed817a5845538ff3980e
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.cardaccesssite.com/web/KPFtemp/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Fri, 14 Oct 2022 20:20:42 GMT
server
server
date
Fri, 03 Feb 2023 22:04:34 GMT
etag
"3f60cd75"
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/png
cache-control
public, max-age=2060822
content-length
2297
x-xss-protection
1; mode=block
expires
Mon, 27 Feb 2023 18:31:36 GMT
login-inactive.png
portal.cardaccesssite.com/o/cardportal7/assets/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.cardaccesssite.com/o/cardportal7/assets/images/login-inactive.png
Requested by
Host: portal.cardaccesssite.com
URL: https://portal.cardaccesssite.com/web/KPFtemp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:26f0:dc:39a::39f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
server /
Resource Hash
928b1ebb4711af90d9aaa62883a3db443e247d246f4a08701f1b62f542112d6b
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.cardaccesssite.com/web/KPFtemp/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Fri, 14 Oct 2022 20:20:42 GMT
server
server
date
Fri, 03 Feb 2023 22:04:34 GMT
etag
"f3559fa9"
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/png
cache-control
public, max-age=2060664
content-length
2358
x-xss-protection
1; mode=block
expires
Mon, 27 Feb 2023 18:28:58 GMT
/
portal.cardaccesssite.com/combo/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.cardaccesssite.com/combo/?browserId=other&minifierType=&languageId=en_US&b=7010&t=1674881666104&/o/frontend-js-web/aui/event-move/event-move-min.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.17.2890.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:26f0:dc:39a::39f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
server /
Resource Hash
36310c9fd2c92d18fef7f82bad4e2551a294400bc06b0c929b8c7f28111d0d20
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.cardaccesssite.com/web/KPFtemp/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
content-encoding
gzip
server
server
date
Fri, 03 Feb 2023 22:04:34 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=315360000, public
content-length
1553
x-xss-protection
1; mode=block
expires
Mon, 31 Jan 2033 22:04:34 GMT
collect
www.google-analytics.com/j/ 		2 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=382741144&t=pageview&_s=1&dl=https%3A%2F%2Fportal.cardaccesssite.com%2Fweb%2FKPFtemp%2Flogin&ul=en-us&de=UTF-8&dt=My%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=582647817&gjid=302773325&cid=1853085697.1675461874&tid=UA-74236936-2&_gid=882625616.1675461874&_r=1&_slc=1&z=877658661
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.17.2890.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://portal.cardaccesssite.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 22:04:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://portal.cardaccesssite.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
1YrS0U
portal.cardaccesssite.com/XgYpVrlJfFRG/Ap/9Y6cj775Zo/uaEiLkbf/HXYyb00D/IDsiI/ 		18 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://portal.cardaccesssite.com/XgYpVrlJfFRG/Ap/9Y6cj775Zo/uaEiLkbf/HXYyb00D/IDsiI/1YrS0U
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.17.2890.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:26f0:dc:39a::39f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Request headers

Referer
https://portal.cardaccesssite.com/web/KPFtemp/login
ADRUM
isAjax:true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 03 Feb 2023 22:04:34 GMT
vary
Origin
content-type
application/json
access-control-allow-origin
https://portal.cardaccesssite.com
access-control-allow-credentials
true
x_req_id
db03d51c-a30a-4178-927c-f9e5de9ff353
access-control-allow-headers
Content-Type
content-length
18
/
portal.cardaccesssite.com/combo/ 		772 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.cardaccesssite.com/combo/?browserId=other&minifierType=&languageId=en_US&b=7010&t=1674881666104&/o/frontend-js-web/aui/widget-base/assets/skins/sam/widget-base.css&/o/frontend-js-web/aui/widget-stack/assets/skins/sam/widget-stack.css&/o/frontend-js-web/aui/aui-tooltip-base/assets/skins/sam/aui-tooltip-base.css&/o/frontend-js-web/aui/aui-alert/assets/skins/sam/aui-alert.css
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.17.2890.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:26f0:dc:39a::39f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
server /
Resource Hash
879180748d5dbf4f82bde7d22d263f844015e9d930f193e533d4b598d14088db
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.cardaccesssite.com/web/KPFtemp/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
content-encoding
gzip
server
server
date
Fri, 03 Feb 2023 22:04:35 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000, public
content-length
322
x-xss-protection
1; mode=block
expires
Mon, 31 Jan 2033 22:04:34 GMT
available_languages.jsp
portal.cardaccesssite.com/o/frontend-js-web/liferay/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.cardaccesssite.com/o/frontend-js-web/liferay/available_languages.jsp?browserId=other&themeId=krogertemp_WAR_krogercomptheme&colorSchemeId=01&minifierType=js&languageId=en_US&b=7010&t=1674881666104
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.17.2890.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:26f0:dc:39a::39f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
server /
Resource Hash
19c85d4ae54b8085ef9e183d871ca4041a19123b3f0e8e8080669fb199191c94
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.cardaccesssite.com/web/KPFtemp/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
content-encoding
gzip
server
server
date
Fri, 03 Feb 2023 22:04:35 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
content-length
432
x-xss-protection
1; mode=block
/
portal.cardaccesssite.com/combo/ 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.cardaccesssite.com/combo/?browserId=other&minifierType=&languageId=en_US&b=7010&t=1674881666104&/o/frontend-js-web/aui/base-core/base-core-min.js&/o/frontend-js-web/aui/base-observable/base-observable-min.js&/o/frontend-js-web/aui/aui-widget-cssclass/aui-widget-cssclass-min.js&/o/frontend-js-web/aui/aui-widget-toggle/aui-widget-toggle-min.js&/o/frontend-js-web/aui/transition/transition-min.js&/o/frontend-js-web/aui/aui-widget-transition/aui-widget-transition-min.js&/o/frontend-js-web/aui/aui-widget-trigger/aui-widget-trigger-min.js&/o/frontend-js-web/aui/aui-widget-position-align-suggestion/aui-widget-position-align-suggestion-min.js&/o/frontend-js-web/aui/escape/escape-min.js&/o/frontend-js-web/aui/widget-autohide/widget-autohide-min.js&/o/frontend-js-web/aui/aui-tooltip-base/aui-tooltip-base-min.js&/o/frontend-js-web/aui/aui-tooltip-delegate/aui-tooltip-delegate-min.js&/o/frontend-js-web/liferay/language.js&/o/frontend-js-web/aui/timers/timers-min.js&/o/frontend-js-web/aui/aui-alert/aui-alert-min.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.17.2890.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:26f0:dc:39a::39f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
server /
Resource Hash
14e82dcfebfbe8089ec2904d6ae62236f3fda269b1bd2342a6256462c491c6fa
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.cardaccesssite.com/web/KPFtemp/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
content-encoding
gzip
server
server
date
Fri, 03 Feb 2023 22:04:35 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=315360000, public
content-length
9886
x-xss-protection
1; mode=block
expires
Mon, 31 Jan 2033 22:04:35 GMT
/
portal.cardaccesssite.com/combo/ 		5 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.cardaccesssite.com/combo/?browserId=other&minifierType=&languageId=en_US&b=7010&t=1674881666104&/o/frontend-js-web/liferay/node.js&/o/frontend-js-web/liferay/portlet_base.js&/o/frontend-js-web/liferay/alert.js&/o/frontend-js-web/liferay/notification.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.17.2890.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:26f0:dc:39a::39f0 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
server /
Resource Hash
62ed2e922b527de7f63d37b9d121642ba7a80107f148ff7bf9c07c72f3d212d4
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.cardaccesssite.com/web/KPFtemp/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
content-encoding
gzip
server
server
date
Fri, 03 Feb 2023 22:04:35 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=315360000, public
content-length
1944
x-xss-protection
1; mode=block
expires
Mon, 31 Jan 2033 22:04:34 GMT
adrum-ext.a5e921eab2dde2c5ab4b79ea636b8271.js
cdn.appdynamics.com/ 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.appdynamics.com/adrum-ext.a5e921eab2dde2c5ab4b79ea636b8271.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.17.2890.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-24.fra50.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash
df69c91663e4636edcbbb54e14e7763ca70c5cdb66d448279b4e16dee8bb896a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.cardaccesssite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 02:18:25 GMT
content-encoding
gzip
via
1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
1712770
x-cache
Hit from cloudfront
last-modified
Thu, 16 Jan 2020 22:53:28 GMT
server
nginx/1.16.1
etag
W/"5e20e968-ca49"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2678400, s-max-age=14400
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
PVFVSu4LV44gV-Zg8QFLvOjilehISzSHh8qoFA3DtB_1TGvUkzyOTw==

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| Liferay object| themeDisplay function| YUI function| $ function| jQuery object| __CONFIG__ function| ES6Promise function| _ object| YUI_config function| AUI function| svg4everybody function| submitForm object| __METAL_COMPATIBILITY__ string| GoogleAnalyticsObject function| ga object| YAHOO function| FIC_checkForm function| FIC_checkField function| FIC_checkRadCbx function| FIC_checkSel function| addClassName function| removeClassName function| attachToForms function| isVisible function| searchUp function| xGetElementById function| fnHideLangConversion function| fnCheckChild function| clickIE4 function| clickNS4 function| getParameterByName string| portletState number| adrum-start-time object| adrum-config object| ADRUM string| PATH_PORTLET_CONFIGURATION_CSS_WEB object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| _cf object| bmak string| _sdTrace function| initFAQ function| changeCountAmt function| showContent function| toggleContent function| outputDebug function| outputDebugNested function| removeFilter function| checkAll function| isUSCurrency object| oCurrencyValues function| validateCurrency function| enableEnrollment function| checkEnrollment function| openNewWindow function| removeEmptyPortlets function| getElementsByClassNameFooter function| trimLRFooter number| screenSize number| footerY function| handleFirstColumn function| resetScreenSize function| footerCssDisplay function| formSubmitWithAction function| hideCardlyticsDiv string| _yuid

16 Cookies

Domain/Path Name / Value
portal.cardaccesssite.com/ Name: SameSite
Value: None
portal.cardaccesssite.com/ Name: JSESSIONID
Value: FA5E082298EACB45A39767A4E2AE6BFB.pM0Q
portal.cardaccesssite.com/ Name: COOKIE_SUPPORT
Value: true
.cardaccesssite.com/ Name: GUEST_LANGUAGE_ID
Value: en_US
portal.cardaccesssite.com/ Name: portal.cardaccesssite.com_8443
Value: !wF9Hc9iB/uKCsPf0UZAhrbDXNiek7AzaYhNHlNOp7SB7EpBTt13FkFfF4P0hUoNkWa2Y4qJR48UcwA==
.cardaccesssite.com/ Name: ak_bmsc
Value: 2C81E00F15157860B7BEDDC48EC434EA~000000000000000000000000000000~YAAQtgRTaHyjW8iFAQAAsU5PGRLbIZSmdKNKL4dw7TicXEivqE/EFWf4WBXdIrSGGgbDmNlpyQXt3jHiwp+rvbdKFIx3aE/bzTF/bV6HzBtr/+qrJicmlIHblfTvZGJTvpjo1Ls+hsTkyvP6vv58oY1SkbtzunMh1U/sANgcpTiALlAM/fPwLVU7vj4cTpphQlF+9I/haA2uupKwLnBTu+M+R7S+ggh/IYYHiyIgyRtghrlz4IoDgAE6PO/9oNYkiELXQe9VwAVrohcPbPflXbg4TOqh9/xSHHwmjHlAXoxMcIsbo2UO5Ll1CxusueRQhjQ2EJFe88uQXpDD6mY5qtW9+5e+ohYPdDYIyCzRNsrXplbiMqhwDrKqjDGQQSus310iuOfZDOdrwg9exRSIFS2lX5VCdVTJq+fXqz5K3O9+urkKj9cHHMA=
.cardaccesssite.com/ Name: bm_sz
Value: 60BEBB1CA94AD30D93EBDE48657B3E86~YAAQtgRTaH2jW8iFAQAAsU5PGRIPe/Dyv3tIFcmIU9G7gqXIv7qQGtJkx1JkXaltVbgVTaMoXd8h1JO78Jead5cQzrrQgLAgxNsmFufsu9bCM/UyhvYqrDoe9YewP2IDZ2BCA82uawLa8gv4Zsiv5w0CKwRSmpynqzbB4hoIPLbvQGEZ6di8jWHNZeIN3lZ1MEgggpc8vc8oBsKgjepkfUmXIux/5UVdqlmJfnRjqhHPGoqfftGoq3B9zVPN0CaXqdwF+NLwNknUy+0z1ZbyVGJ7mmSN5FpyamhzcFOp06RvOL5uMlveOSmYvQ==~3486534~4604486
.cardaccesssite.com/ Name: _ga
Value: GA1.2.1853085697.1675461874
.cardaccesssite.com/ Name: _gid
Value: GA1.2.882625616.1675461874
.cardaccesssite.com/ Name: _gat
Value: 1
.cardaccesssite.com/ Name: _abck
Value: D833D326225ABB4B28AE0A67A6E4EFEB~0~YAAQtgRTaM6jW8iFAQAA2lRPGQl5MmTlsbjLuyd8YYAf2RuY4AJYW/aderaktrY9nGWQPZ1aeBT1b9y8EbT9tlIX1qRyxCNnRoX4G4+7qYlEdwXcOhEuKuK8bm0meN0NJ1Bn3yuO77Hrn6UibbV6Ztp2632ixbiRGpDNr6X3nDfxScqhMSaxzjSrX1Oh10c47vNrUS3GLBUoa6NmlhmbgXJ7WZDZU/aAai+8th7FHC3EMAC9puHTWG6mKwT039sOF/ckYXXMtVMs1c4G9ue3XM5zz3X6N7kHEoMl5z67fMrkgJaRzykJ99XQYJWiEP5d9EOonlhyZdW4umwKdiVrdljxV3qRvKGOdUeXZw2PbQ72s7jz4Sve4MWnIJYs5B23jDRfAX1rYdh7/PJKNIuhFSf/p2+P1FCVuBCl8yi0nj0=~-1~-1~-1
portal.cardaccesssite.com/ Name: ADRUM_BTa
Value: "R:51|g:05fe4579-29e9-4d83-be6f-a4f6a6a2d7d6|n:USBANK_351d091f-c3a8-4779-a0da-4a53785ebec3"
portal.cardaccesssite.com/ Name: ADRUM_BT1
Value: "R:51|i:293624|e:0|d:0"
portal.cardaccesssite.com/ Name: ADRUM_BT2
Value: "R:51|i:293624|e:0|d:0"
portal.cardaccesssite.com/ Name: ADRUM_BT3
Value: "R:51|i:293624|e:0|d:0"
portal.cardaccesssite.com/ Name: LFR_SESSION_STATE_20120
Value: 1675461875631

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.appdynamics.com
portal.cardaccesssite.com
www.google-analytics.com
143.204.89.24
2a00:1450:4001:82b::200e
2a02:26f0:dc:39a::39f0
13008db630827d071ad4309dd42b86b527bd8d350a208f12a5a4149cf94145ed
14e82dcfebfbe8089ec2904d6ae62236f3fda269b1bd2342a6256462c491c6fa
19c85d4ae54b8085ef9e183d871ca4041a19123b3f0e8e8080669fb199191c94
233a5cb7ccfbad3e40b0984592960920bdcf915fd9d987ae3d5ebabcb32e86c5
28a48f1cf78d32b463a3b9ee973b2700322408026357f0c45f5cd2c6bbca3923
36310c9fd2c92d18fef7f82bad4e2551a294400bc06b0c929b8c7f28111d0d20
3a7a992929b0af019d45d0b1707be3cfee029fb7c760300f9727ffb1e5fae507
3f76ba35022028ac1a49ad9c57e3d8043eaee89a95ec50f1638df727a12f2d63
4aeb414a485d2327497fc63464425234e8c01c5dc849cf11033669e2a2e5a1e6
542ae80e2649f86b2f30e3e80290ea0d5dc7d5322df531f5caef4f489ca08265
576a337196cddc59f9865d93f470ea377c1770390402b08c788f497f71192449
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5d6e01274c3a1a4ce1ea589627aa77a93c723cea1f881ccad69eb81c7f418939
62ed2e922b527de7f63d37b9d121642ba7a80107f148ff7bf9c07c72f3d212d4
6b305c807c5e6c509163a6f330f439dd52308b98173874b2918b603f9a960dc1
784b9dcd7e4b8591c6fd0d0936c9ac52689edacf98cc7f9e6ef49bedf56a9ec0
79e07f9be61abd6af96d40394b88b6ee554bed43bd168d9e77274ecff8a71ae1
7de98c925e713a690fdb8587625c755ea520e3eb533c8c3489dd9afd8e425eac
8529e1518a9f4287630af4a4404231c179f9bc3d56f5574eb8d974388a3ef53e
85e347cd74b493c456932df77810cd6182ff1340a1ec0c8554512956ca805f7d
879180748d5dbf4f82bde7d22d263f844015e9d930f193e533d4b598d14088db
8e05ad6b358c8967c47bf45f6c2e66ce24187b4b1c9fd47a7ccd0862d6529181
8f195faace4fff858d5e97a705a8d8053a823164b4f4709c3e2addd8982a6338
928b1ebb4711af90d9aaa62883a3db443e247d246f4a08701f1b62f542112d6b
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a59ae007953e2b68c5283e6086838039678bf23ce4f05052305a3e6f1c75ed5b
b1446f4e069d42d0c51dc67f91a42f8fc5df6669310c8b8842eb8b6ab310a916
b9bcff80309ef56a1b8eb29fe9221c564cad1f050a36ed817a5845538ff3980e
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6
c15bcefc821af787c8da9b809ccf8c73043a49873ffc329f537759493cf00731
cb0811cbffffe4fb13996cd6ddcb70d5b845d585e26b9c27a657f32b700fc0a0
dc91fdade3effc0eb4df756dc370ba5ef4dadf2eea63eabfbf45194c7e39d6cc
df69c91663e4636edcbbb54e14e7763ca70c5cdb66d448279b4e16dee8bb896a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec8055d3cce09e30e9b2701dac05930451db2b80339d335738c410fa7a05f146
f01c129b7a1e842fca69afa9ddf9d290849d9dceb41802795923079c8e952e3f
f2cf8c48c6627fe010ef96794ed28e6d7b1a3f4e855188c41d38f25ae1d40259