URL: https://gs-stage.citizenrewards.mobi/
Submission: On October 18 via automatic, source certstream-suspicious

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 30 HTTP transactions. The main IP is 35.168.55.85, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is gs-stage.citizenrewards.mobi.
TLS certificate: Issued by Amazon on November 16th 2019. Valid for: a year.
This is the only time gs-stage.citizenrewards.mobi was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS | Autonomous System
10 | 35.168.55.85 | 14618 | AMAZON-AES
1 | 2a00:1450:400... | 15169 | GOOGLE
2 | 2606:4700::68... | 13335 | CLOUDFLAR...
2 | 18.208.40.182 | 14618 | AMAZON-AES
6 | 52.1.102.220 | 14618 | AMAZON-AES
1 | 2a00:1450:400... | 15169 | GOOGLE
8 | 2600:9000:21f... | 16509 | AMAZON-02
Total: 30 | 7
Requests | Domain | Requested by
10 | gs-stage.citizenrewards.mobi | gs-stage.citizenrewards.mobi
8 | d2cowtu3m151jj.cloudfront.net |
6 | gs-mbe-stage.tribaltech.com | gs-stage.citizenrewards.mobi
2 | logger.tribaltech.com | gs-stage.citizenrewards.mobi
2 | cdnjs.cloudflare.com | gs-stage.citizenrewards.mobi
1 | fonts.gstatic.com | fonts.googleapis.com
1 | fonts.googleapis.com | gs-stage.citizenrewards.mobi
Total: 30 | 7

This site contains no links.

Subject | Issuer | Validity | Valid
gs-stage.citizenrewards.mobi | Amazon | 2019-11-16 - 2020-12-16 | a year
upload.video.google.com | GTS CA 1O1 | 2020-09-22 - 2020-12-15 | 3 months
cdnjs.cloudflare.com | DigiCert ECC Secure Server CA | 2020-08-12 - 2022-08-17 | 2 years
logger.tribaltech.com | Amazon | 2020-06-25 - 2021-07-25 | a year
gs-mbe-stage.tribaltech.com | Amazon | 2020-10-17 - 2021-11-16 | a year
*.gstatic.com | GTS CA 1O1 | 2020-09-22 - 2020-12-15 | 3 months
*.cloudfront.net | DigiCert Global CA G2 | 2020-05-26 - 2021-04-21 | a year

This page contains 1 frames:

Primary Page: https://gs-stage.citizenrewards.mobi/
Frame ID: DC4A1A1BC113BF5AF844F9C1CF3905BD
Requests: 30 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

Requests: 30
HTTPS: 100 %
IPv6: 57 %
Domains: 6
Subdomains: 7
IPs: 7
Countries: 2
Transfer: 2264 kB
Size: 2297 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
gs-stage.citizenrewards.mobi/
1022 B
1 KB
Document
General
Full URL
https://gs-stage.citizenrewards.mobi/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.55.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-55-85.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
7f39e39fb41af2569e45a434c8cf06a2e9ea4652c53d9cd1d8f02c2519f3ac53

Request headers

:method
GET
:authority
gs-stage.citizenrewards.mobi
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Sun, 18 Oct 2020 01:25:08 GMT
content-type
text/html
content-length
1022
server
nginx/1.14.0 (Ubuntu)
last-modified
Fri, 07 Feb 2020 02:24:46 GMT
etag
"5e3cca6e-3fe"
accept-ranges
bytes
icon
fonts.googleapis.com/
574 B
465 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: gs-stage.citizenrewards.mobi
URL: https://gs-stage.citizenrewards.mobi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f43ed67b5dbe01a3b359d5af3077afe6543a88bc32088c322171335e09b39e76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://gs-stage.citizenrewards.mobi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 18 Oct 2020 01:25:08 GMT
server
ESF
date
Sun, 18 Oct 2020 01:25:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 18 Oct 2020 01:25:08 GMT
slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/
1 KB
679 B
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css
Requested by
Host: gs-stage.citizenrewards.mobi
URL: https://gs-stage.citizenrewards.mobi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://gs-stage.citizenrewards.mobi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 01:25:08 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
885472
x-via
cfworker/kv
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
382
cf-request-id
05dae8871d00002b95501a8000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
etag
"5eb03fd5-50a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602984309"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5e3e76b82b9f2b95-FRA
expires
Fri, 08 Oct 2021 01:25:08 GMT
slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/
2 KB
752 B
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css
Requested by
Host: gs-stage.citizenrewards.mobi
URL: https://gs-stage.citizenrewards.mobi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a684227c1eef599cf45d875e0f906a73e0fb247aca49c0de70c1a14e7ef818f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://gs-stage.citizenrewards.mobi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 01:25:08 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
274829
x-via
cfworker/kv
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
637
cf-request-id
05dae8871e00002b95841bf000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
etag
"5eb03fd5-92d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602984309"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5e3e76b82ba12b95-FRA
expires
Fri, 08 Oct 2021 01:25:08 GMT
main.d303e3e7efd84337e3e7.js
gs-stage.citizenrewards.mobi/
2 MB
2 MB
Script
General
Full URL
https://gs-stage.citizenrewards.mobi/main.d303e3e7efd84337e3e7.js
Requested by
Host: gs-stage.citizenrewards.mobi
URL: https://gs-stage.citizenrewards.mobi/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.55.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-55-85.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
61231c309eb95f4935a6b5dfd5c2fed0c6f41e1f6892b56dcc0b5253f9fb2cc3

Request headers

Referer
https://gs-stage.citizenrewards.mobi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sun, 18 Oct 2020 01:25:08 GMT
last-modified
Fri, 07 Feb 2020 02:24:46 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e3cca6e-19ca4d"
content-type
application/javascript
status
200
cache-control
public
accept-ranges
bytes
content-length
1690189
29.0bf199ed906a0d0ce0b8.chunk.js
gs-stage.citizenrewards.mobi/
2 KB
2 KB
Script
General
Full URL
https://gs-stage.citizenrewards.mobi/29.0bf199ed906a0d0ce0b8.chunk.js
Requested by
Host: gs-stage.citizenrewards.mobi
URL: https://gs-stage.citizenrewards.mobi/main.d303e3e7efd84337e3e7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.55.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-55-85.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
0463554d090e969eb07e3dd6bfb35d02a94a31c11c09c45ec633385ff3028af8

Request headers

Referer
https://gs-stage.citizenrewards.mobi/home/all
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sun, 18 Oct 2020 01:25:09 GMT
last-modified
Fri, 07 Feb 2020 02:24:46 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e3cca6e-64f"
content-type
application/javascript
status
200
cache-control
public
accept-ranges
bytes
content-length
1615
11.8fb36fae0914ac538034.chunk.js
gs-stage.citizenrewards.mobi/
5 KB
5 KB
Script
General
Full URL
https://gs-stage.citizenrewards.mobi/11.8fb36fae0914ac538034.chunk.js
Requested by
Host: gs-stage.citizenrewards.mobi
URL: https://gs-stage.citizenrewards.mobi/main.d303e3e7efd84337e3e7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.55.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-55-85.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f7e223231ff4a59c88c26f85b8e8480bdbcee583d28e103fb38cfc1fa1a5dd81

Request headers

Referer
https://gs-stage.citizenrewards.mobi/home/all
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sun, 18 Oct 2020 01:25:09 GMT
last-modified
Fri, 07 Feb 2020 02:24:46 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e3cca6e-13de"
content-type
application/javascript
status
200
cache-control
public
accept-ranges
bytes
content-length
5086
5.0a7391b35212081833f1.chunk.js
gs-stage.citizenrewards.mobi/
58 KB
58 KB
Script
General
Full URL
https://gs-stage.citizenrewards.mobi/5.0a7391b35212081833f1.chunk.js
Requested by
Host: gs-stage.citizenrewards.mobi
URL: https://gs-stage.citizenrewards.mobi/main.d303e3e7efd84337e3e7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.55.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-55-85.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
6d8940d3970b96293d2913e2f3623a98d27aee1a901945c5a28af558ec42514e

Request headers

Referer
https://gs-stage.citizenrewards.mobi/home/all
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sun, 18 Oct 2020 01:25:09 GMT
last-modified
Fri, 07 Feb 2020 02:24:46 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e3cca6e-e79a"
content-type
application/javascript
status
200
cache-control
public
accept-ranges
bytes
content-length
59290
v2
logger.tribaltech.com/logger/
93 B
207 B
Fetch
General
Full URL
https://logger.tribaltech.com/logger/v2
Requested by
Host: gs-stage.citizenrewards.mobi
URL: https://gs-stage.citizenrewards.mobi/main.d303e3e7efd84337e3e7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.40.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-40-182.compute-1.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
5e8f9542235dc094ed14a96f00ae107f92454c927d6a3df2cd07e0562a3c2540

Request headers

Referer
https://gs-stage.citizenrewards.mobi/home/all
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

status
200
date
Sun, 18 Oct 2020 01:25:09 GMT
server
Apache/2.4.7 (Ubuntu)
access-control-allow-origin
*
content-type
application/json
false
gs-mbe-stage.tribaltech.com/v2/ws/MPA/user/info/
0
206 B
Fetch
General
Full URL
https://gs-mbe-stage.tribaltech.com/v2/ws/MPA/user/info/false
Requested by
Host: gs-stage.citizenrewards.mobi
URL: https://gs-stage.citizenrewards.mobi/main.d303e3e7efd84337e3e7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.102.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-102-220.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://gs-stage.citizenrewards.mobi/home/all
Accept-Language
en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 01:25:09 GMT
www-authenticate
Bearer realm="Tribal"
server
nginx/1.14.0 (Ubuntu)
status
401
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://gs-stage.citizenrewards.mobi
access-control-allow-credentials
true
content-length
0
reward_user_points
gs-mbe-stage.tribaltech.com/v2/ws/MPA/user/
0
207 B
Fetch
General
Full URL
https://gs-mbe-stage.tribaltech.com/v2/ws/MPA/user/reward_user_points
Requested by
Host: gs-stage.citizenrewards.mobi
URL: https://gs-stage.citizenrewards.mobi/main.d303e3e7efd84337e3e7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.102.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-102-220.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://gs-stage.citizenrewards.mobi/home/all
Accept-Language
en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 01:25:09 GMT
www-authenticate
Bearer realm="Tribal"
server
nginx/1.14.0 (Ubuntu)
status
401
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://gs-stage.citizenrewards.mobi
access-control-allow-credentials
true
content-length
0
categories
gs-mbe-stage.tribaltech.com/v2/ws/MPA/rewards/
157 B
340 B
Fetch
General
Full URL
https://gs-mbe-stage.tribaltech.com/v2/ws/MPA/rewards/categories
Requested by
Host: gs-stage.citizenrewards.mobi
URL: https://gs-stage.citizenrewards.mobi/main.d303e3e7efd84337e3e7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.102.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-102-220.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
885440fa792cbc9a057ac9996784d237280195b1c0ea8c13dedb0cf5c02637c1

Request headers

Accept
application/json
Referer
https://gs-stage.citizenrewards.mobi/home/all
Accept-Language
en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 01:25:09 GMT
server
nginx/1.14.0 (Ubuntu)
status
200
vary
Origin
content-type
application/json
access-control-allow-origin
https://gs-stage.citizenrewards.mobi
access-control-allow-credentials
true
content-length
157
sponsors
gs-mbe-stage.tribaltech.com/v2/ws/MPA/
32 KB
6 KB
Fetch
General
Full URL
https://gs-mbe-stage.tribaltech.com/v2/ws/MPA/sponsors
Requested by
Host: gs-stage.citizenrewards.mobi
URL: https://gs-stage.citizenrewards.mobi/main.d303e3e7efd84337e3e7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.102.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-102-220.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
64b47e799448baf8a4aee540b01ceb5c9f62afa8489938214c315e317aee89dc

Request headers

Accept
application/json
Referer
https://gs-stage.citizenrewards.mobi/home/all
Accept-Language
en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 01:25:10 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
status
200
vary
Origin
content-type
application/json
access-control-allow-origin
https://gs-stage.citizenrewards.mobi
access-control-allow-credentials
true
content-length
5611
3a42672651c180167e6cda60d27386f0.png
gs-stage.citizenrewards.mobi/
3 KB
3 KB
Image
General
Full URL
https://gs-stage.citizenrewards.mobi/3a42672651c180167e6cda60d27386f0.png
Requested by
Host: gs-stage.citizenrewards.mobi
URL: https://gs-stage.citizenrewards.mobi/home/all
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.55.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-55-85.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
111efc0d9cd062f84a00f62077b23c2bf563db146f73c3c6aa48a274b9ee3693

Request headers

Referer
https://gs-stage.citizenrewards.mobi/home/all
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 01:25:09 GMT
last-modified
Fri, 07 Feb 2020 02:24:46 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e3cca6e-c79"
content-type
image/png
status
200
accept-ranges
bytes
content-length
3193
8671e4fe478b67195e860763507ea306.woff2
gs-stage.citizenrewards.mobi/
25 KB
25 KB
Font
General
Full URL
https://gs-stage.citizenrewards.mobi/8671e4fe478b67195e860763507ea306.woff2
Requested by
Host: gs-stage.citizenrewards.mobi
URL: https://gs-stage.citizenrewards.mobi/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.55.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-55-85.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ab9c98460179f87beb8d38b296bef350cc9ae549d946ab99d0143f6112b76573

Request headers

Origin
https://gs-stage.citizenrewards.mobi
Referer
https://gs-stage.citizenrewards.mobi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 01:25:09 GMT
last-modified
Fri, 07 Feb 2020 02:24:46 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e3cca6e-64e4"
content-type
application/octet-stream
status
200
accept-ranges
bytes
content-length
25828
e298f39de1c4df8c9418bcd18ef69b3b.woff2
gs-stage.citizenrewards.mobi/
25 KB
26 KB
Font
General
Full URL
https://gs-stage.citizenrewards.mobi/e298f39de1c4df8c9418bcd18ef69b3b.woff2
Requested by
Host: gs-stage.citizenrewards.mobi
URL: https://gs-stage.citizenrewards.mobi/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.55.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-55-85.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
3e57f2c71f8297bf3cd90fcd114252803c14fa77a1571d6949ddf001d7a39692

Request headers

Origin
https://gs-stage.citizenrewards.mobi
Referer
https://gs-stage.citizenrewards.mobi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 01:25:09 GMT
last-modified
Fri, 07 Feb 2020 02:24:46 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e3cca6e-6570"
content-type
application/octet-stream
status
200
accept-ranges
bytes
content-length
25968
eafd65366fb203a820901148ef5d56d8.woff2
gs-stage.citizenrewards.mobi/
25 KB
25 KB
Font
General
Full URL
https://gs-stage.citizenrewards.mobi/eafd65366fb203a820901148ef5d56d8.woff2
Requested by
Host: gs-stage.citizenrewards.mobi
URL: https://gs-stage.citizenrewards.mobi/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.55.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-55-85.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
4f983d9ffe9960ccb551283fa1fde426fd7086f36f2cb2c1b3e80dc2fb4f3802

Request headers

Origin
https://gs-stage.citizenrewards.mobi
Referer
https://gs-stage.citizenrewards.mobi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 01:25:09 GMT
last-modified
Fri, 07 Feb 2020 02:24:46 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e3cca6e-623c"
content-type
application/octet-stream
status
200
accept-ranges
bytes
content-length
25148
v2
logger.tribaltech.com/logger/
93 B
206 B
Fetch
General
Full URL
https://logger.tribaltech.com/logger/v2
Requested by
Host: gs-stage.citizenrewards.mobi
URL: https://gs-stage.citizenrewards.mobi/main.d303e3e7efd84337e3e7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.40.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-40-182.compute-1.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
b385a8ee306154ffc87e04057da05ac202deb428ed71db9ea0a26795acdcd71b

Request headers

Referer
https://gs-stage.citizenrewards.mobi/home/all
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

status
200
date
Sun, 18 Oct 2020 01:25:09 GMT
server
Apache/2.4.7 (Ubuntu)
access-control-allow-origin
*
content-type
application/json
rewards
gs-mbe-stage.tribaltech.com/v2/ws/MPA/
3 B
184 B
Fetch
General
Full URL
https://gs-mbe-stage.tribaltech.com/v2/ws/MPA/rewards?is_featured=true&language=en
Requested by
Host: gs-stage.citizenrewards.mobi
URL: https://gs-stage.citizenrewards.mobi/main.d303e3e7efd84337e3e7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.102.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-102-220.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

Request headers

Accept
application/json
Referer
https://gs-stage.citizenrewards.mobi/home/all
Accept-Language
en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 01:25:10 GMT
server
nginx/1.14.0 (Ubuntu)
status
200
vary
Origin
content-type
application/json
access-control-allow-origin
https://gs-stage.citizenrewards.mobi
access-control-allow-credentials
true
content-length
3
rewards
gs-mbe-stage.tribaltech.com/v2/ws/MPA/
20 KB
3 KB
Fetch
General
Full URL
https://gs-mbe-stage.tribaltech.com/v2/ws/MPA/rewards?language=en&limit=8&reward_category_id=1&timestamp=1602984310
Requested by
Host: gs-stage.citizenrewards.mobi
URL: https://gs-stage.citizenrewards.mobi/main.d303e3e7efd84337e3e7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.102.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-102-220.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
5f8b10205882029c2ad4e39356e17a65f9b3d395358c9289b7d3e17d5a369538

Request headers

Accept
application/json
Referer
https://gs-stage.citizenrewards.mobi/home/all
Accept-Language
en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 01:25:10 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
status
200
vary
Origin
content-type
application/json
access-control-allow-origin
https://gs-stage.citizenrewards.mobi
access-control-allow-credentials
true
content-length
2812
flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v55/
81 KB
81 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialicons/v55/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf72a72b82528382a139fe56546c4494dd64e82706c2cbef91739445ca6a3fbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://gs-stage.citizenrewards.mobi
Referer
https://fonts.googleapis.com/icon?family=Material+Icons
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 12 Oct 2020 11:20:44 GMT
x-content-type-options
nosniff
last-modified
Wed, 19 Aug 2020 20:12:32 GMT
server
sffe
age
482666
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
82492
x-xss-protection
0
expires
Tue, 12 Oct 2021 11:20:44 GMT
729c63a2494104c9fc8bccf39f8de7bd.jpeg
d2cowtu3m151jj.cloudfront.net/full/https://gs-mbe-stage.s3.amazonaws.com/rewards/111/images/11779/
46 KB
47 KB
Image
General
Full URL
https://d2cowtu3m151jj.cloudfront.net/full/https://gs-mbe-stage.s3.amazonaws.com/rewards/111/images/11779/729c63a2494104c9fc8bccf39f8de7bd.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:2000:8:340:3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0886b27d0d02c5c602d7ba4fd48c725facb8383b87ddb64352955fb68886ea2c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://gs-stage.citizenrewards.mobi/home/all
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 01:25:11 GMT
via
1.1 imageoptim-eK3Esf, 1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
status
200
server-timing
miss
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
46894
cf-request-id
05dae88ec700002fa5a42aa000000001
last-modified
Mon, 16 Dec 2019 18:09:31 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"im-S1ck7ScDPXqcD2VDtm"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=5184000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602984312"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=14400
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
cf-ray
5e3e76c479282fa5-FRA
link
<https://gs-mbe-stage.s3.amazonaws.com/rewards/111/images/11779/729c63a2494104c9fc8bccf39f8de7bd.jpeg>; rel="canonical"
x-amz-cf-id
Ina6jMee7COhTMWspVg9Wqh6Y7PeiR7ob_8WMBAxksXA8PiC-aeLtg==
500418f213ccac3d61a14d91f43b73cc.jpeg
d2cowtu3m151jj.cloudfront.net/full/https://gs-mbe-stage.s3.amazonaws.com/rewards/112/images/11777/
52 KB
53 KB
Image
General
Full URL
https://d2cowtu3m151jj.cloudfront.net/full/https://gs-mbe-stage.s3.amazonaws.com/rewards/112/images/11777/500418f213ccac3d61a14d91f43b73cc.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:2000:8:340:3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
762083686392342900a477d1ad45afd8643d2b4a34a30ca0cc4fab69b79ebf9a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://gs-stage.citizenrewards.mobi/home/all
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 01:25:13 GMT
via
1.1 imageoptim-notI0f, 1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
status
200
server-timing
miss
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
53017
cf-request-id
05dae88ebf0000d6f524214000000001
last-modified
Mon, 16 Dec 2019 18:09:31 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"im-EQezUaUdgx7mgTqQGC"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=5184000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602984313"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=14400
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
cf-ray
5e3e76c46e43d6f5-FRA
link
<https://gs-mbe-stage.s3.amazonaws.com/rewards/112/images/11777/500418f213ccac3d61a14d91f43b73cc.jpeg>; rel="canonical"
x-amz-cf-id
t9SoIcClGPfIoC6Z9S8W1YR8KFnA6uzeDJx_sc0U8ao6EemKDtnGmA==
fdae9bd732392ad00498e3e682dbd808.jpeg
d2cowtu3m151jj.cloudfront.net/full/https://gs-mbe-stage.s3.amazonaws.com/rewards/120/images/11793/
23 KB
24 KB
Image
General
Full URL
https://d2cowtu3m151jj.cloudfront.net/full/https://gs-mbe-stage.s3.amazonaws.com/rewards/120/images/11793/fdae9bd732392ad00498e3e682dbd808.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:2000:8:340:3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee919b7360bd7ace626ab6146bf4abe28d57824b1b1903f1defcf2c6d5d09394
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://gs-stage.citizenrewards.mobi/home/all
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 01:25:11 GMT
via
1.1 imageoptim-r8VKPf, 1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
status
200
server-timing
miss
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23266
cf-request-id
05dae88ec10000c29a719da000000001
last-modified
Mon, 16 Dec 2019 18:09:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"im-NKrohHHAzKJSrcVsyB"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=5184000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602984312"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=14400
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
cf-ray
5e3e76c4691ec29a-FRA
link
<https://gs-mbe-stage.s3.amazonaws.com/rewards/120/images/11793/fdae9bd732392ad00498e3e682dbd808.jpeg>; rel="canonical"
x-amz-cf-id
xPWMJyTtBlxvmxUXJsD7Ai6Ha_HbZvBTmjY6teCc-Ddc_1SUt1Z0kA==
789e4a596deb2b956b0d933324d380f2.jpeg
d2cowtu3m151jj.cloudfront.net/full/https://gs-mbe-stage.s3.amazonaws.com/rewards/118/images/11789/
50 KB
51 KB
Image
General
Full URL
https://d2cowtu3m151jj.cloudfront.net/full/https://gs-mbe-stage.s3.amazonaws.com/rewards/118/images/11789/789e4a596deb2b956b0d933324d380f2.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:2000:8:340:3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b30d1a9a247af7db0fcb249f43dbe162b0a30b3a3bbe163eccd89a530e05055b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://gs-stage.citizenrewards.mobi/home/all
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 01:25:12 GMT
via
1.1 imageoptim-wXtEQf, 1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
status
200
server-timing
miss
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
51401
cf-request-id
05dae88eb90000d6b9fd0b0000000001
last-modified
Mon, 16 Dec 2019 18:09:33 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"im-ZXlOWHKFSQLWhcEoTp"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=5184000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602984313"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=14400
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
cf-ray
5e3e76c45fb7d6b9-FRA
link
<https://gs-mbe-stage.s3.amazonaws.com/rewards/118/images/11789/789e4a596deb2b956b0d933324d380f2.jpeg>; rel="canonical"
x-amz-cf-id
WSSq6prBL_1-Syje1xfE_V4xqo9e2byMfo7pnyq84PnHr77XWJ88WQ==
7dd88e7c129465de41f46a716efac311.jpeg
d2cowtu3m151jj.cloudfront.net/full/https://gs-mbe-stage.s3.amazonaws.com/rewards/110/images/11774/
38 KB
39 KB
Image
General
Full URL
https://d2cowtu3m151jj.cloudfront.net/full/https://gs-mbe-stage.s3.amazonaws.com/rewards/110/images/11774/7dd88e7c129465de41f46a716efac311.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:2000:8:340:3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4f82023763bebabae15aab2d1284a87772e8e29dd66cde3b5400afdc814bd0c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://gs-stage.citizenrewards.mobi/home/all
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 01:25:12 GMT
via
1.1 imageoptim-joGYef, 1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
status
200
server-timing
miss
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38428
cf-request-id
05dae88eb700002c527813e000000001
last-modified
Mon, 16 Dec 2019 18:09:30 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"im-7pfsjAkzb6m4mxYPUP"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=5184000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602984312"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=14400
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
cf-ray
5e3e76c45ab52c52-FRA
link
<https://gs-mbe-stage.s3.amazonaws.com/rewards/110/images/11774/7dd88e7c129465de41f46a716efac311.jpeg>; rel="canonical"
x-amz-cf-id
29PqdPBaV1UpZ6ll00HNo2PepG-mmcp8U--mJCOk5oZTX_YniIBzZw==
49b3b80d654084644a6812535ad8652a.jpeg
d2cowtu3m151jj.cloudfront.net/full/https://gs-mbe-stage.s3.amazonaws.com/rewards/115/images/11782/
49 KB
50 KB
Image
General
Full URL
https://d2cowtu3m151jj.cloudfront.net/full/https://gs-mbe-stage.s3.amazonaws.com/rewards/115/images/11782/49b3b80d654084644a6812535ad8652a.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:2000:8:340:3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22c0e6b723cd8fa8d4553687679ac71168171f5898ad5b844ea876d4db689a09
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://gs-stage.citizenrewards.mobi/home/all
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 01:25:12 GMT
via
1.1 imageoptim-1jXNRf, 1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
status
200
server-timing
miss
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
50220
cf-request-id
05dae88eb80000d6c1f42f7000000001
last-modified
Mon, 16 Dec 2019 18:09:32 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"im-jai04bqsHT6gPuiBvJ"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=5184000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602984313"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=14400
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
cf-ray
5e3e76c4597dd6c1-FRA
link
<https://gs-mbe-stage.s3.amazonaws.com/rewards/115/images/11782/49b3b80d654084644a6812535ad8652a.jpeg>; rel="canonical"
x-amz-cf-id
sUqcF9W0sgfol4DNfcxb535vbdPgwP_hfoDd6sQZ4cSBMsg54lqHGg==
1d84afd8eb3c45c2bdba2cd3a4ef19d1.jpeg
d2cowtu3m151jj.cloudfront.net/full/https://gs-mbe-stage.s3.amazonaws.com/rewards/116/images/11785/
37 KB
38 KB
Image
General
Full URL
https://d2cowtu3m151jj.cloudfront.net/full/https://gs-mbe-stage.s3.amazonaws.com/rewards/116/images/11785/1d84afd8eb3c45c2bdba2cd3a4ef19d1.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:2000:8:340:3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c17323d2c3a506278eb1cc7d19591d51603f9a9ca92f1e30133b7def03f922e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://gs-stage.citizenrewards.mobi/home/all
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 01:25:12 GMT
via
1.1 imageoptim-zuWU9f, 1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
status
200
server-timing
miss
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37972
cf-request-id
05dae88ebf00001772f4b45000000001
last-modified
Mon, 16 Dec 2019 18:09:32 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"im-9HolYbv94dDgz5R6xE"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=5184000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602984313"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=14400
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
cf-ray
5e3e76c46da51772-FRA
link
<https://gs-mbe-stage.s3.amazonaws.com/rewards/116/images/11785/1d84afd8eb3c45c2bdba2cd3a4ef19d1.jpeg>; rel="canonical"
x-amz-cf-id
-sIXMStNgA2GBEBn61qYUWzIQV1mOZ-UijDZcxW9PAnoI0zN8IO9Qw==
d7f74bd9e5d15feae703b918bb62f0dc.jpeg
d2cowtu3m151jj.cloudfront.net/full/https://gs-mbe-stage.s3.amazonaws.com/rewards/117/images/11787/
44 KB
45 KB
Image
General
Full URL
https://d2cowtu3m151jj.cloudfront.net/full/https://gs-mbe-stage.s3.amazonaws.com/rewards/117/images/11787/d7f74bd9e5d15feae703b918bb62f0dc.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:2000:8:340:3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8fb4c29b3b8a606de2b3437b6bfc6b8b649e39923db4a8de55bd768cbcfc63d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://gs-stage.citizenrewards.mobi/home/all
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 01:25:12 GMT
via
1.1 imageoptim-0Kx5jf, 1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
status
200
server-timing
miss
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44715
cf-request-id
05dae88ec00000326094993000000001
last-modified
Mon, 16 Dec 2019 18:09:32 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"im-NYhzD1vbXJzcLy+hik"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=5184000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602984312"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=14400
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
cf-ray
5e3e76c46fa43260-FRA
link
<https://gs-mbe-stage.s3.amazonaws.com/rewards/117/images/11787/d7f74bd9e5d15feae703b918bb62f0dc.jpeg>; rel="canonical"
x-amz-cf-id
1tpkzgWvh6DBXfxSIlI1iXJgendxUliXl-UuyNA-XmFCdytQM_aN7Q==
f57a5649f0f83ad3b58714e584b80ef5.woff2
gs-stage.citizenrewards.mobi/
27 KB
27 KB
Font
General
Full URL
https://gs-stage.citizenrewards.mobi/f57a5649f0f83ad3b58714e584b80ef5.woff2
Requested by
Host: gs-stage.citizenrewards.mobi
URL: https://gs-stage.citizenrewards.mobi/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.55.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-55-85.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
5af44049bf2dca9f570343bee70a5d29b7b43d029e73681008b3e369392c7ca9

Request headers

Origin
https://gs-stage.citizenrewards.mobi
Referer
https://gs-stage.citizenrewards.mobi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 18 Oct 2020 01:25:10 GMT
last-modified
Fri, 07 Feb 2020 02:24:46 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e3cca6e-6c78"
content-type
application/octet-stream
status
200
accept-ranges
bytes
content-length
27768

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes
function| webpackJsonp
object| core
object| __core-js_shared__
object| global
object| System
function| asap
function| Observable
function| setImmediate
function| clearImmediate
object| regeneratorRuntime
boolean| _babelPolyfill

0 Cookies

12 Console Messages

Source Level URL
Text
console-api debug URL: https://gs-stage.citizenrewards.mobi/main.d303e3e7efd84337e3e7.js(Line 14)
Message:
Download the React DevTools for a better development experience: https://fb.me/react-devtools
console-api error URL: https://gs-stage.citizenrewards.mobi/main.d303e3e7efd84337e3e7.js(Line 6)
Message:
Warning: It looks like you're using a minified copy of the development build of React. When deploying React apps to production, make sure to use the production build which skips development warnings and is faster. See https://fb.me/react-minification for more details.
console-api error URL: https://gs-stage.citizenrewards.mobi/main.d303e3e7efd84337e3e7.js(Line 28)
Message:
You are currently using minified code outside of NODE_ENV === 'production'. This means that you are running a slower development build of Redux. You can use loose-envify (https://github.com/zertosh/loose-envify) for browserify or DefinePlugin for webpack (http://stackoverflow.com/questions/30030031) to ensure you have the correct code for your production build.
console-api log URL: https://gs-stage.citizenrewards.mobi/main.d303e3e7efd84337e3e7.js(Line 1)
Message:
Browser locale detected: en-US
console-api log URL: https://gs-stage.citizenrewards.mobi/main.d303e3e7efd84337e3e7.js(Line 1)
Message:
request catch: [object Object]
console-api log URL: https://gs-stage.citizenrewards.mobi/main.d303e3e7efd84337e3e7.js(Line 1)
Message:
request catch: [object Object]
console-api log URL: https://gs-stage.citizenrewards.mobi/main.d303e3e7efd84337e3e7.js(Line 1)
Message:
request data: [object Object]
console-api log URL: https://gs-stage.citizenrewards.mobi/main.d303e3e7efd84337e3e7.js(Line 1)
Message:
request data: [object Object]
console-api log URL: https://gs-stage.citizenrewards.mobi/main.d303e3e7efd84337e3e7.js(Line 1)
Message:
request data: [object Object]
console-api log URL: https://gs-stage.citizenrewards.mobi/main.d303e3e7efd84337e3e7.js(Line 1)
Message:
request data: [object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
console-api log URL: https://gs-stage.citizenrewards.mobi/main.d303e3e7efd84337e3e7.js(Line 1)
Message:
request data:
console-api log URL: https://gs-stage.citizenrewards.mobi/main.d303e3e7efd84337e3e7.js(Line 1)
Message:
request data: [object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
