URL: https://stage.citizenrewards.mobi/
Submission: On April 10 via automatic, source certstream-suspicious

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 33 HTTP transactions. The main IP is 52.6.131.49, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is stage.citizenrewards.mobi.
TLS certificate: Issued by Amazon on May 8th 2019. Valid for: a year.
This is the only time stage.citizenrewards.mobi was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS / Autonomous System
6         52.6.131.49        14618 (AMAZON-AES)
2         2a00:1450:400...   15169 (GOOGLE)
2         2606:4700::68...   13335 (CLOUDFLAR...)
2         3.224.82.82        14618 (AMAZON-AES)
7         54.175.173.217     14618 (AMAZON-AES)
5         2a00:1450:400...   15169 (GOOGLE)
9         2600:9000:21f...   16509 (AMAZON-02)
33        7
Requests  Domain                         Requested by
9         d2cowtu3m151jj.cloudfront.net
7         mbe-stage.tribaltech.com       stage.citizenrewards.mobi
6         stage.citizenrewards.mobi      stage.citizenrewards.mobi
5         fonts.gstatic.com              stage.citizenrewards.mobi
2         logger.tribaltech.com          stage.citizenrewards.mobi
2         cdnjs.cloudflare.com           stage.citizenrewards.mobi
2         fonts.googleapis.com           stage.citizenrewards.mobi
33        7

This site contains no links.

Subject                    Issuer                   Validity                 Valid
stage.citizenrewards.mobi  Amazon                   2019-05-08 - 2020-06-08  a year
upload.video.google.com    GTS CA 1O1               2020-03-24 - 2020-06-16  3 months
cloudflare.com             CloudFlare Inc ECC CA-2  2020-01-07 - 2020-10-09  9 months
logger.tribaltech.com      Amazon                   2019-07-23 - 2020-08-23  a year
mbe-stage.tribaltech.com   Amazon                   2019-07-23 - 2020-08-23  a year
*.gstatic.com              GTS CA 1O1               2020-03-24 - 2020-06-16  3 months
*.cloudfront.net           DigiCert Global CA G2    2019-07-17 - 2020-07-05  a year

This page contains 1 frames:

Primary Page: https://stage.citizenrewards.mobi/
Frame ID: E4C5FE783B517A54001B1C5DBE3C503D
Requests: 33 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

Requests: 33
HTTPS: 100 %
IPv6: 57 %
Domains: 6
Subdomains: 7
IPs: 7
Countries: 2
Transfer: 2342 kB
Size: 2395 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
stage.citizenrewards.mobi/
1 KB
1 KB
Document
General
Full URL
https://stage.citizenrewards.mobi/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.131.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-131-49.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ea9004fc4d09c758dbec96b427c170929120c7be8c24bb3eff00fb9e13a15ec8

Request headers

:method
GET
:authority
stage.citizenrewards.mobi
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
date
Fri, 10 Apr 2020 03:26:16 GMT
content-type
text/html
content-length
1034
server
nginx/1.14.0 (Ubuntu)
last-modified
Tue, 07 Apr 2020 16:24:03 GMT
etag
"5e8ca923-40a"
accept-ranges
bytes
icon
fonts.googleapis.com/
574 B
468 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: stage.citizenrewards.mobi
URL: https://stage.citizenrewards.mobi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d9f14f79d6695318d80e6a5f118dd7c703cfbc4aec4fc629c3e317cf166d1fbe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://stage.citizenrewards.mobi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 10 Apr 2020 03:26:16 GMT
server
ESF
date
Fri, 10 Apr 2020 03:26:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 Apr 2020 03:26:16 GMT
slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/
1 KB
864 B
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css
Requested by
Host: stage.citizenrewards.mobi
URL: https://stage.citizenrewards.mobi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://stage.citizenrewards.mobi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Fri, 10 Apr 2020 03:26:16 GMT
content-encoding
br
cf-cache-status
HIT
age
14070523
cf-ray
58195d86ba079808-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:26:46 GMT
server
cloudflare
etag
W/"5afd4ad6-50a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Wed, 31 Mar 2021 03:26:16 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.001
slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/
2 KB
761 B
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css
Requested by
Host: stage.citizenrewards.mobi
URL: https://stage.citizenrewards.mobi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a684227c1eef599cf45d875e0f906a73e0fb247aca49c0de70c1a14e7ef818f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://stage.citizenrewards.mobi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Fri, 10 Apr 2020 03:26:16 GMT
content-encoding
br
cf-cache-status
HIT
age
2969019
cf-ray
58195d86ba099808-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:26:46 GMT
server
cloudflare
etag
W/"5afd4ad6-92d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Wed, 31 Mar 2021 03:26:16 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.001
main.79bb84ac60286ffb00a0.js
stage.citizenrewards.mobi/
2 MB
2 MB
Script
General
Full URL
https://stage.citizenrewards.mobi/main.79bb84ac60286ffb00a0.js
Requested by
Host: stage.citizenrewards.mobi
URL: https://stage.citizenrewards.mobi/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.131.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-131-49.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
7f1dc2593c229bf74ccec8f252c778873e2ead15337e3c53cd836ea96c7c056f

Request headers

Referer
https://stage.citizenrewards.mobi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
public
date
Fri, 10 Apr 2020 03:26:16 GMT
last-modified
Tue, 07 Apr 2020 16:24:03 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e8ca923-1a25b0"
content-type
application/javascript
status
200
cache-control
public
accept-ranges
bytes
content-length
1713584
css
fonts.googleapis.com/
3 KB
547 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Requested by
Host: stage.citizenrewards.mobi
URL: https://stage.citizenrewards.mobi/main.79bb84ac60286ffb00a0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3ba110c59f4fdd97a91d83fb41f2acfa25928f830382f45c3e0b8bb1082fc06a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://stage.citizenrewards.mobi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 10 Apr 2020 03:26:16 GMT
server
ESF
date
Fri, 10 Apr 2020 03:26:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 Apr 2020 03:26:16 GMT
32.a9008057269540842c91.chunk.js
stage.citizenrewards.mobi/
2 KB
2 KB
Script
General
Full URL
https://stage.citizenrewards.mobi/32.a9008057269540842c91.chunk.js
Requested by
Host: stage.citizenrewards.mobi
URL: https://stage.citizenrewards.mobi/main.79bb84ac60286ffb00a0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.131.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-131-49.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1a3cf3da9b776ac65beb7d7c79dbfac8cfbe67570bae14adbfe452f632b07953

Request headers

Referer
https://stage.citizenrewards.mobi/home/1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
public
date
Fri, 10 Apr 2020 03:26:16 GMT
last-modified
Tue, 07 Apr 2020 16:24:03 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e8ca923-817"
content-type
application/javascript
status
200
cache-control
public
accept-ranges
bytes
content-length
2071
24.d66d7cf1b157e7cf1269.chunk.js
stage.citizenrewards.mobi/
5 KB
5 KB
Script
General
Full URL
https://stage.citizenrewards.mobi/24.d66d7cf1b157e7cf1269.chunk.js
Requested by
Host: stage.citizenrewards.mobi
URL: https://stage.citizenrewards.mobi/main.79bb84ac60286ffb00a0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.131.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-131-49.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
5efc748f47fb41336184d1055fd171d818b6f543056613e3a9802c5707fee697

Request headers

Referer
https://stage.citizenrewards.mobi/home/1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
public
date
Fri, 10 Apr 2020 03:26:16 GMT
last-modified
Tue, 07 Apr 2020 16:24:03 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e8ca923-1382"
content-type
application/javascript
status
200
cache-control
public
accept-ranges
bytes
content-length
4994
6.d00cdad02067450d4d4b.chunk.js
stage.citizenrewards.mobi/
65 KB
65 KB
Script
General
Full URL
https://stage.citizenrewards.mobi/6.d00cdad02067450d4d4b.chunk.js
Requested by
Host: stage.citizenrewards.mobi
URL: https://stage.citizenrewards.mobi/main.79bb84ac60286ffb00a0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.131.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-131-49.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
27b110fb12781785dbe6f36b38e9cc9221e22d60ca5865d53d44b567d7d392af

Request headers

Referer
https://stage.citizenrewards.mobi/home/1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
public
date
Fri, 10 Apr 2020 03:26:16 GMT
last-modified
Tue, 07 Apr 2020 16:24:03 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e8ca923-1048b"
content-type
application/javascript
status
200
cache-control
public
accept-ranges
bytes
content-length
66699
v2
logger.tribaltech.com/logger/
93 B
206 B
Fetch
General
Full URL
https://logger.tribaltech.com/logger/v2
Requested by
Host: stage.citizenrewards.mobi
URL: https://stage.citizenrewards.mobi/main.79bb84ac60286ffb00a0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.82.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-82-82.compute-1.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
ef58065a81e52b9920ce09ad5f96aee62addaf7e6c077213ce473fb7d8bd77ba

Request headers

Referer
https://stage.citizenrewards.mobi/home/1
Origin
https://stage.citizenrewards.mobi
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

status
200
date
Fri, 10 Apr 2020 03:26:17 GMT
server
Apache/2.4.7 (Ubuntu)
access-control-allow-origin
*
content-type
application/json
false
mbe-stage.tribaltech.com/v2/ws/MPA/user/info/
0
212 B
Fetch
General
Full URL
https://mbe-stage.tribaltech.com/v2/ws/MPA/user/info/false
Requested by
Host: stage.citizenrewards.mobi
URL: https://stage.citizenrewards.mobi/main.79bb84ac60286ffb00a0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.173.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-173-217.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://stage.citizenrewards.mobi/home/1
Origin
https://stage.citizenrewards.mobi
Sec-Fetch-Dest
empty
Accept-Language
en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 10 Apr 2020 03:26:17 GMT
www-authenticate
Bearer realm="Tribal"
server
nginx/1.14.0 (Ubuntu)
status
401
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://stage.citizenrewards.mobi
access-control-allow-credentials
true
content-length
0
reward_user_points
mbe-stage.tribaltech.com/v2/ws/MPA/user/
0
212 B
Fetch
General
Full URL
https://mbe-stage.tribaltech.com/v2/ws/MPA/user/reward_user_points
Requested by
Host: stage.citizenrewards.mobi
URL: https://stage.citizenrewards.mobi/main.79bb84ac60286ffb00a0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.173.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-173-217.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://stage.citizenrewards.mobi/home/1
Origin
https://stage.citizenrewards.mobi
Sec-Fetch-Dest
empty
Accept-Language
en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 10 Apr 2020 03:26:17 GMT
www-authenticate
Bearer realm="Tribal"
server
nginx/1.14.0 (Ubuntu)
status
401
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://stage.citizenrewards.mobi
access-control-allow-credentials
true
content-length
0
categories
mbe-stage.tribaltech.com/v2/ws/MPA/rewards/
475 B
655 B
Fetch
General
Full URL
https://mbe-stage.tribaltech.com/v2/ws/MPA/rewards/categories
Requested by
Host: stage.citizenrewards.mobi
URL: https://stage.citizenrewards.mobi/main.79bb84ac60286ffb00a0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.173.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-173-217.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2e7bbb63a6609710e53395cda0e902112c2cd4adafaadc8b9e60d5e1056eedec

Request headers

Accept
application/json
Referer
https://stage.citizenrewards.mobi/home/1
Origin
https://stage.citizenrewards.mobi
Sec-Fetch-Dest
empty
Accept-Language
en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 10 Apr 2020 03:26:17 GMT
server
nginx/1.14.0 (Ubuntu)
status
200
vary
Origin
content-type
application/json
access-control-allow-origin
https://stage.citizenrewards.mobi
access-control-allow-credentials
true
content-length
475
sponsors
mbe-stage.tribaltech.com/v2/ws/MPA/
29 KB
6 KB
Fetch
General
Full URL
https://mbe-stage.tribaltech.com/v2/ws/MPA/sponsors
Requested by
Host: stage.citizenrewards.mobi
URL: https://stage.citizenrewards.mobi/main.79bb84ac60286ffb00a0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.173.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-173-217.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2c2b4e09685a2cf22ed239dec396862ac47ced0353e9db577fb661a86cf923da

Request headers

Accept
application/json
Referer
https://stage.citizenrewards.mobi/home/1
Origin
https://stage.citizenrewards.mobi
Sec-Fetch-Dest
empty
Accept-Language
en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 10 Apr 2020 03:26:17 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
status
200
vary
Origin
content-type
application/json
access-control-allow-origin
https://stage.citizenrewards.mobi
access-control-allow-credentials
true
content-length
6011
8c91b4078465ed647e6f767f8ff3acac.svg
stage.citizenrewards.mobi/
3 KB
3 KB
Image
General
Full URL
https://stage.citizenrewards.mobi/8c91b4078465ed647e6f767f8ff3acac.svg
Requested by
Host: stage.citizenrewards.mobi
URL: https://stage.citizenrewards.mobi/home/1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.131.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-131-49.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
6624736486cac05f858b2459e63bb03a14ec72dc39da1241fc41d6e7b4249039

Request headers

Referer
https://stage.citizenrewards.mobi/home/1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 10 Apr 2020 03:26:17 GMT
last-modified
Tue, 07 Apr 2020 16:24:03 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e8ca923-a2b"
content-type
image/svg+xml
status
200
accept-ranges
bytes
content-length
2603
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: stage.citizenrewards.mobi
URL: https://stage.citizenrewards.mobi/main.79bb84ac60286ffb00a0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Origin
https://stage.citizenrewards.mobi
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 01 Apr 2020 22:55:16 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:54 GMT
server
sffe
age
707461
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14176
x-xss-protection
0
expires
Thu, 01 Apr 2021 22:55:16 GMT
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: stage.citizenrewards.mobi
URL: https://stage.citizenrewards.mobi/main.79bb84ac60286ffb00a0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Origin
https://stage.citizenrewards.mobi
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 04 Apr 2020 10:25:32 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:55 GMT
server
sffe
age
493245
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14044
x-xss-protection
0
expires
Sun, 04 Apr 2021 10:25:32 GMT
v2
logger.tribaltech.com/logger/
93 B
206 B
Fetch
General
Full URL
https://logger.tribaltech.com/logger/v2
Requested by
Host: stage.citizenrewards.mobi
URL: https://stage.citizenrewards.mobi/main.79bb84ac60286ffb00a0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.82.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-82-82.compute-1.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
d61a78d538bfd332d9391a6e7df5892c2c4d43f0eccfffc50b2d9ff1d678efc3

Request headers

Referer
https://stage.citizenrewards.mobi/home/1
Origin
https://stage.citizenrewards.mobi
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

status
200
date
Fri, 10 Apr 2020 03:26:17 GMT
server
Apache/2.4.7 (Ubuntu)
access-control-allow-origin
*
content-type
application/json
rewards
mbe-stage.tribaltech.com/v2/ws/MPA/
99 B
278 B
Fetch
General
Full URL
https://mbe-stage.tribaltech.com/v2/ws/MPA/rewards?is_featured=true&reward_category_id=1
Requested by
Host: stage.citizenrewards.mobi
URL: https://stage.citizenrewards.mobi/main.79bb84ac60286ffb00a0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.173.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-173-217.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
0195a8a346d9b43161a4c83f4f39182fc2bec5e720a4875899e6d17368207118

Request headers

Accept
application/json
Referer
https://stage.citizenrewards.mobi/home/1
Origin
https://stage.citizenrewards.mobi
Sec-Fetch-Dest
empty
Accept-Language
en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 10 Apr 2020 03:26:17 GMT
server
nginx/1.14.0 (Ubuntu)
status
200
vary
Origin
content-type
application/json
access-control-allow-origin
https://stage.citizenrewards.mobi
access-control-allow-credentials
true
content-length
99
rewards
mbe-stage.tribaltech.com/v2/ws/MPA/
20 KB
3 KB
Fetch
General
Full URL
https://mbe-stage.tribaltech.com/v2/ws/MPA/rewards?language=en&reward_category_id=1&timestamp=1586489177
Requested by
Host: stage.citizenrewards.mobi
URL: https://stage.citizenrewards.mobi/main.79bb84ac60286ffb00a0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.173.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-173-217.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf8fab6468d13524b3a1b21f1605372be9a4dd37ec0a7fb725fc10400a4459bf

Request headers

Accept
application/json
Referer
https://stage.citizenrewards.mobi/home/1
Origin
https://stage.citizenrewards.mobi
Sec-Fetch-Dest
empty
Accept-Language
en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 10 Apr 2020 03:26:17 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
status
200
vary
Origin
content-type
application/json
access-control-allow-origin
https://stage.citizenrewards.mobi
access-control-allow-credentials
true
content-length
2818
tags
mbe-stage.tribaltech.com/v2/ws/MPA/
23 KB
2 KB
Fetch
General
Full URL
https://mbe-stage.tribaltech.com/v2/ws/MPA/tags?language=en&reward_category_id=1
Requested by
Host: stage.citizenrewards.mobi
URL: https://stage.citizenrewards.mobi/main.79bb84ac60286ffb00a0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.173.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-173-217.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
266071b682892d31db96d5017e1a8f6d4cbe99b4f4d5e5e29a3dc3ea3541aa3f

Request headers

Accept
application/json
Referer
https://stage.citizenrewards.mobi/home/1
Origin
https://stage.citizenrewards.mobi
Sec-Fetch-Dest
empty
Accept-Language
en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 10 Apr 2020 03:26:17 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
status
200
vary
Origin
content-type
application/json
access-control-allow-origin
https://stage.citizenrewards.mobi
access-control-allow-credentials
true
content-length
2269
S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/
13 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Origin
https://stage.citizenrewards.mobi
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 10 Mar 2020 17:00:54 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:45 GMT
server
sffe
age
2629523
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13732
x-xss-protection
0
expires
Wed, 10 Mar 2021 17:00:54 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v50/
59 KB
60 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialicons/v50/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c9a3f7fdc13a3ff04b74e9b982c28fa738fa9373bd43bd24dbca5f2dc360f24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/icon?family=Material+Icons
Origin
https://stage.citizenrewards.mobi
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 10 Apr 2020 01:57:25 GMT
x-content-type-options
nosniff
last-modified
Thu, 20 Feb 2020 01:57:25 GMT
server
sffe
age
5332
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
60840
x-xss-protection
0
expires
Sat, 10 Apr 2021 01:57:25 GMT
c9d246b6090604c9ede2d8600f7d7a1c.jpeg
d2cowtu3m151jj.cloudfront.net/full/https://mbe-stage.s3.amazonaws.com/rewards/96/images/9964/
49 KB
49 KB
Image
General
Full URL
https://d2cowtu3m151jj.cloudfront.net/full/https://mbe-stage.s3.amazonaws.com/rewards/96/images/9964/c9d246b6090604c9ede2d8600f7d7a1c.jpeg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:c000:8:340:3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f411351e4f34672c18926b36739724d6fedd424ba94b7374c9d5d8223eba0701
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://stage.citizenrewards.mobi/home/1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 10 Apr 2020 03:26:19 GMT
via
1.1 imageoptim-K4SyIp, 1.1 216b2e0a8a27f8fca1b540a1c4ea6922.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
MISS
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
status
200
server-timing
miss
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
49758
last-modified
Mon, 20 Jan 2020 19:24:38 GMT
server
cloudflare
etag
"im-jy4aQEojBTyOJ40H4N"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=5184000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=14400
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
cf-ray
58195d928f2a0eaf-FRA
link
<https://mbe-stage.s3.amazonaws.com/rewards/96/images/9964/c9d246b6090604c9ede2d8600f7d7a1c.jpeg>; rel="canonical"
x-amz-cf-id
hCtlDMbYNAawCU8e1F8PRZbwfmCIIa-2TzWMVDd-el5H1Y3EbKqp9g==
71ffa80bde331fc137cd8ddd5548b13a.jpeg
d2cowtu3m151jj.cloudfront.net/full/https://mbe-stage.s3.amazonaws.com/rewards/98/images/9969/
43 KB
44 KB
Image
General
Full URL
https://d2cowtu3m151jj.cloudfront.net/full/https://mbe-stage.s3.amazonaws.com/rewards/98/images/9969/71ffa80bde331fc137cd8ddd5548b13a.jpeg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:c000:8:340:3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de783683927a0376fb4385002062c19953c306a861a3dd7b584c0e9d43bdfacd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://stage.citizenrewards.mobi/home/1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 10 Apr 2020 03:26:19 GMT
via
1.1 imageoptim-mWkFEf, 1.1 216b2e0a8a27f8fca1b540a1c4ea6922.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
MISS
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
status
200
server-timing
miss
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
44441
last-modified
Mon, 20 Jan 2020 19:24:39 GMT
server
cloudflare
etag
"im-SAOZg9+dwGAWlClfZO"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=5184000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=14400
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
cf-ray
58195d928ffb145a-FRA
link
<https://mbe-stage.s3.amazonaws.com/rewards/98/images/9969/71ffa80bde331fc137cd8ddd5548b13a.jpeg>; rel="canonical"
x-amz-cf-id
x7d7CgBrTjZDTsgw8Rs8Vv-YeOPvHxyq8HxYoIAIlfN6uLEl_XG7Rg==
26b6a539dd52cbc801ee6045161134f8.jpeg
d2cowtu3m151jj.cloudfront.net/full/https://mbe-stage.s3.amazonaws.com/rewards/91/images/9954/
137 KB
138 KB
Image
General
Full URL
https://d2cowtu3m151jj.cloudfront.net/full/https://mbe-stage.s3.amazonaws.com/rewards/91/images/9954/26b6a539dd52cbc801ee6045161134f8.jpeg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:c000:8:340:3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bb5566549b5f53b55a8328d5b9a12a4da5944bc5b85b69395acdbf4ba8a757b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://stage.citizenrewards.mobi/home/1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 10 Apr 2020 03:26:20 GMT
via
1.1 imageoptim-O6HMof, 1.1 216b2e0a8a27f8fca1b540a1c4ea6922.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
MISS
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
status
200
server-timing
miss
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
140148
last-modified
Mon, 20 Jan 2020 19:24:36 GMT
server
cloudflare
etag
"im-dlmp6aEO2mUKQh3RDB"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=5184000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=14400
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
cf-ray
58195d927db22736-FRA
link
<https://mbe-stage.s3.amazonaws.com/rewards/91/images/9954/26b6a539dd52cbc801ee6045161134f8.jpeg>; rel="canonical"
x-amz-cf-id
qgdo1j1Wgixsng-Ovh24S2JRyFaHvqJIMkFER89Au56bFvcrXP-xyA==
78c7f40f22188606b4e608099061d388.jpeg
d2cowtu3m151jj.cloudfront.net/full/https://mbe-stage.s3.amazonaws.com/rewards/140/images/12079/
9 KB
9 KB
Image
General
Full URL
https://d2cowtu3m151jj.cloudfront.net/full/https://mbe-stage.s3.amazonaws.com/rewards/140/images/12079/78c7f40f22188606b4e608099061d388.jpeg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:c000:8:340:3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1770426c4004e066bb7c9050fbabcdfd18ac2727ae193e086b35d8281f47f49
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://stage.citizenrewards.mobi/home/1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 10 Apr 2020 03:26:18 GMT
via
1.1 imageoptim-HOQDmf, 1.1 216b2e0a8a27f8fca1b540a1c4ea6922.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
MISS
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
status
200
server-timing
miss
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
8843
last-modified
Tue, 18 Feb 2020 15:26:26 GMT
server
cloudflare
etag
"im-n4w4/n/cIUnO1qzJia"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=5184000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=14400
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
cf-ray
58195d928a1fbefb-FRA
link
<https://mbe-stage.s3.amazonaws.com/rewards/140/images/12079/78c7f40f22188606b4e608099061d388.jpeg>; rel="canonical"
x-amz-cf-id
CxVnk2d-rJAe8WJjWalG55Xa_DSsdOZlPMbuf2xri3CC1JoGxvEnVw==
d09ccfb8c245c7f99d92bd05c78a5b52.jpeg
d2cowtu3m151jj.cloudfront.net/full/https://mbe-stage.s3.amazonaws.com/rewards/139/images/12075/
6 KB
7 KB
Image
General
Full URL
https://d2cowtu3m151jj.cloudfront.net/full/https://mbe-stage.s3.amazonaws.com/rewards/139/images/12075/d09ccfb8c245c7f99d92bd05c78a5b52.jpeg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:c000:8:340:3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a9e10f6a59984860ba42bd0b0f844268c1550f757c16e7f72d09c28005e7e58
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://stage.citizenrewards.mobi/home/1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 10 Apr 2020 03:26:19 GMT
via
1.1 imageoptim-SXnFdf, 1.1 216b2e0a8a27f8fca1b540a1c4ea6922.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
MISS
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
status
200
server-timing
miss
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
6482
last-modified
Thu, 13 Feb 2020 19:48:42 GMT
server
cloudflare
etag
"im-fNY6gBU57SBkXGy9nU"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=5184000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=14400
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
cf-ray
58195d929f8ebf0f-FRA
link
<https://mbe-stage.s3.amazonaws.com/rewards/139/images/12075/d09ccfb8c245c7f99d92bd05c78a5b52.jpeg>; rel="canonical"
x-amz-cf-id
qxxLgU_L55jrrPrxzvpgrUowmBEqFy7py06FG9WAows8Uethi6yojw==
0940f20b150e1d0621277af13851d3a9.jpeg
d2cowtu3m151jj.cloudfront.net/full/https://mbe-stage.s3.amazonaws.com/rewards/137/images/12071/
80 KB
81 KB
Image
General
Full URL
https://d2cowtu3m151jj.cloudfront.net/full/https://mbe-stage.s3.amazonaws.com/rewards/137/images/12071/0940f20b150e1d0621277af13851d3a9.jpeg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:c000:8:340:3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13794fb58602cc55292cdd5580dc582fa83f1a9054da658c7140452482d636e5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://stage.citizenrewards.mobi/home/1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 10 Apr 2020 03:26:19 GMT
via
1.1 imageoptim-2lf9bf, 1.1 216b2e0a8a27f8fca1b540a1c4ea6922.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
MISS
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
status
200
server-timing
miss
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
82302
last-modified
Thu, 13 Feb 2020 15:39:43 GMT
server
cloudflare
etag
"im-LqjI3lkONbbipTQ+Py"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=5184000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=14400
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
cf-ray
58195d927a65c290-FRA
link
<https://mbe-stage.s3.amazonaws.com/rewards/137/images/12071/0940f20b150e1d0621277af13851d3a9.jpeg>; rel="canonical"
x-amz-cf-id
0x8weFgPLYwFK0seXPyC2DUIpF_XQbRFy8YwPMpXbqC5r7BRsRIDdg==
fe02f4ef6677c0a0f57e24778013c5a9.jpeg
d2cowtu3m151jj.cloudfront.net/full/https://mbe-stage.s3.amazonaws.com/rewards/92/images/9956/
62 KB
63 KB
Image
General
Full URL
https://d2cowtu3m151jj.cloudfront.net/full/https://mbe-stage.s3.amazonaws.com/rewards/92/images/9956/fe02f4ef6677c0a0f57e24778013c5a9.jpeg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:c000:8:340:3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcab7cd568c27ae113c198b7e03397c5ef33c8c943650f4e3fad24119a643684
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://stage.citizenrewards.mobi/home/1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 10 Apr 2020 03:26:19 GMT
via
1.1 imageoptim-PyXSSp, 1.1 216b2e0a8a27f8fca1b540a1c4ea6922.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
MISS
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
status
200
server-timing
miss
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
63528
last-modified
Mon, 20 Jan 2020 19:24:37 GMT
server
cloudflare
etag
"im-43FcVClOe6do9rB39w"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=5184000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=14400
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
cf-ray
58195d927c6dc2a9-FRA
link
<https://mbe-stage.s3.amazonaws.com/rewards/92/images/9956/fe02f4ef6677c0a0f57e24778013c5a9.jpeg>; rel="canonical"
x-amz-cf-id
JIiLeIXz7rCNTIB3bu7WJ6XtriEy6awNjZlg0gREIswiaby5-VQuaA==
e6511e8bb9693a548489575ce11d7eeb.jpeg
d2cowtu3m151jj.cloudfront.net/full/https://mbe-stage.s3.amazonaws.com/rewards/104/images/10007/
17 KB
18 KB
Image
General
Full URL
https://d2cowtu3m151jj.cloudfront.net/full/https://mbe-stage.s3.amazonaws.com/rewards/104/images/10007/e6511e8bb9693a548489575ce11d7eeb.jpeg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:c000:8:340:3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cd182b7e3f10695efad6ec5c82f97ff32a38f886a0c0c3d027e723eca95090d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://stage.citizenrewards.mobi/home/1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 10 Apr 2020 03:26:19 GMT
via
1.1 imageoptim-iZiBnf, 1.1 216b2e0a8a27f8fca1b540a1c4ea6922.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
MISS
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
status
200
server-timing
miss
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
17619
last-modified
Mon, 20 Jan 2020 19:24:03 GMT
server
cloudflare
etag
"im-Q/IVsUupUBSXHKvLxg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=5184000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=14400
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
cf-ray
58195d928ca11f39-FRA
link
<https://mbe-stage.s3.amazonaws.com/rewards/104/images/10007/e6511e8bb9693a548489575ce11d7eeb.jpeg>; rel="canonical"
x-amz-cf-id
J9TbZTKlJJL86yVPoGeDtl5yVnBPBesHgsAQNuzl3Rq3f3GdaLWweQ==
baca633188ed7765651173ac18fe132b.jpeg
d2cowtu3m151jj.cloudfront.net/full/https://mbe-stage.s3.amazonaws.com/rewards/115/images/10058/
49 KB
50 KB
Image
General
Full URL
https://d2cowtu3m151jj.cloudfront.net/full/https://mbe-stage.s3.amazonaws.com/rewards/115/images/10058/baca633188ed7765651173ac18fe132b.jpeg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:c000:8:340:3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38cb8484746449a1123bbaf676a081be82506d335b3db862e40bbdca91826e79
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://stage.citizenrewards.mobi/home/1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 10 Apr 2020 03:26:19 GMT
via
1.1 imageoptim-nG9KKf, 1.1 216b2e0a8a27f8fca1b540a1c4ea6922.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
MISS
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
status
200
server-timing
miss
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
49864
last-modified
Mon, 20 Jan 2020 19:24:07 GMT
server
cloudflare
etag
"im-5GDsRVGX9YjFmZJJm6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=5184000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=14400
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
cf-ray
58195d97cea8d6cd-FRA
link
<https://mbe-stage.s3.amazonaws.com/rewards/115/images/10058/baca633188ed7765651173ac18fe132b.jpeg>; rel="canonical"
x-amz-cf-id
kEZk-cnncBscX31673AfSqmQxb18wexMJsJtUpapRWbr_GF9n0zZhA==
S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Origin
https://stage.citizenrewards.mobi
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 01 Apr 2020 19:40:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:39 GMT
server
sffe
age
719172
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13912
x-xss-protection
0
expires
Thu, 01 Apr 2021 19:40:05 GMT


13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
function| webpackJsonp
object| core
object| __core-js_shared__
object| global
object| System
function| asap
function| Observable
function| setImmediate
function| clearImmediate
object| regeneratorRuntime
boolean| _babelPolyfill

0 Cookies

6 Console Messages

Source Level URL
Text
console-api debug URL: https://stage.citizenrewards.mobi/main.79bb84ac60286ffb00a0.js(Line 14)
Message:
Download the React DevTools for a better development experience: https://fb.me/react-devtools
console-api error URL: https://stage.citizenrewards.mobi/main.79bb84ac60286ffb00a0.js(Line 6)
Message:
Warning: It looks like you're using a minified copy of the development build of React. When deploying React apps to production, make sure to use the production build which skips development warnings and is faster. See https://fb.me/react-minification for more details.
console-api error URL: https://stage.citizenrewards.mobi/main.79bb84ac60286ffb00a0.js(Line 28)
Message:
You are currently using minified code outside of NODE_ENV === 'production'. This means that you are running a slower development build of Redux. You can use loose-envify (https://github.com/zertosh/loose-envify) for browserify or DefinePlugin for webpack (http://stackoverflow.com/questions/30030031) to ensure you have the correct code for your production build.
console-api log URL: https://stage.citizenrewards.mobi/main.79bb84ac60286ffb00a0.js(Line 1)
Message:
Browser locale detected: en-US
console-api log URL: https://stage.citizenrewards.mobi/main.79bb84ac60286ffb00a0.js(Line 1)
Message:
request catch: [object Object]
console-api log URL: https://stage.citizenrewards.mobi/main.79bb84ac60286ffb00a0.js(Line 1)
Message:
request catch: [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
