Submitted URL: https://citieasydeals.com.admin-eu.cas.ms/
Effective URL: https://citieasydeals.com/index.jsp
Submission: On September 03 via automatic, source certstream-suspicious

Summary

This website contacted 6 IPs in 5 countries across 8 domains to perform 23 HTTP transactions. The main IP is 204.93.223.69, located in University Park, United States and belongs to SERVERCENTRAL - Server Central Network, US. The main domain is citieasydeals.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on April 29th 2019. Valid for: 2 years.
This is the only time citieasydeals.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 40.81.121.78 8075 (MICROSOFT...)
14 204.93.223.69 23352 (SERVERCEN...)
4 93.184.220.20 15133 (EDGECAST)
2 23.43.123.138 20940 (AKAMAI-ASN1)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
23 6
Domain Requested by
14 citieasydeals.com citieasydeals.com
4 www.drwmedia.com citieasydeals.com
2 www.google-analytics.com 1 redirects citieasydeals.com
1 stats.g.doubleclick.net citieasydeals.com
1 seal.websecurity.norton.com citieasydeals.com
1 seal.verisign.com citieasydeals.com
1 citieasydeals.com.admin-eu.cas.ms 1 redirects
0 www.travelredemptioncenter.com Failed citieasydeals.com
23 8

This site contains links to these domains.

Domain
online.citi.com
www.citi.com

Subject | Issuer | Validity | Valid
citieasydeals.com | DigiCert SHA2 Extended Validation Server CA | 2019-04-29 - 2021-06-04 | 2 years
gp1.wac.edgecastcdn.net | DigiCert SHA2 Secure Server CA | 2019-01-29 - 2021-03-19 | 2 years
seal.websecurity.norton.com | DigiCert SHA2 Extended Validation Server CA | 2018-04-04 - 2020-04-03 | 2 years
*.g.doubleclick.net | GTS CA 1O1 | 2019-08-13 - 2019-11-11 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2019-08-13 - 2019-11-11 | 3 months

This page contains 1 frames:

Primary Page: https://citieasydeals.com/index.jsp
Frame ID: 7EB1AB6D79180D40733F6184EBC22E58
Requests: 23 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

Requests: 23
HTTPS: 96 %
IPv6: 33 %
Domains: 8
Subdomains: 8
IPs: 6
Countries: 5
Transfer: 440 kB
Size: 578 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://citieasydeals.com.admin-eu.cas.ms/ HTTP 307
    https://citieasydeals.com/ Page URL
  2. https://citieasydeals.com/index.jsp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://citieasydeals.com.admin-eu.cas.ms/ HTTP 307
  • https://citieasydeals.com/
Request Chain 20
  • https://www.google-analytics.com/r/collect?v=1&_v=j28&a=1224629752&t=pageview&_s=1&dl=https%3A%2F%2Fcitieasydeals.com%2Findex.jsp&ul=en-us&de=windows-1252&dt=Citi%20Easy%20Deals%3A%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=MEAAAEQBI~&jid=2128907256&cid=1242448113.1567499440&tid=UA-3160331-4&_r=1&z=588987237 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3160331-4&cid=1242448113.1567499440&jid=2128907256&_v=j28&z=588987237

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
citieasydeals.com/
Redirect Chain
  • https://citieasydeals.com.admin-eu.cas.ms/
  • https://citieasydeals.com/
85 B
424 B
Document
General
Full URL
https://citieasydeals.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.93.223.69 University Park, United States, ASN23352 (SERVERCENTRAL - Server Central Network, US),
Reverse DNS
unknown.scnet.net
Software
Apache /
Resource Hash
2bd1dbc5701b87f116d4ab5cea9c0b2ed84d342543be725b24db7e8a432dce0c

Request headers

Host
citieasydeals.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Accept-Encoding
gzip, deflate, br

Response headers

Date
Tue, 03 Sep 2019 08:30:39 GMT
Server
Apache
Last-Modified
Tue, 14 Aug 2018 23:51:37 GMT
ETag
"5032ef-55-5736de3fa1440"
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
88
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Tue, 03 Sep 2019 08:30:38 GMT
Connection
keep-alive
Location
https://citieasydeals.com/
Strict-Transport-Security
max-age=31536000
Content-Length
140
X-MCAS-Request-Id
e537159c-b4f5-4e00-a2a7-790b2d7441e4
Primary Request Cookie set index.jsp
citieasydeals.com/
113 KB
39 KB
Document
General
Full URL
https://citieasydeals.com/index.jsp
Requested by
Host: citieasydeals.com
URL: https://citieasydeals.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.93.223.69 University Park, United States, ASN23352 (SERVERCENTRAL - Server Central Network, US),
Reverse DNS
unknown.scnet.net
Software
Apache / Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181439)/JBossWeb-2.0
Resource Hash
d062027d6818ce40fa94bfafe693b8b6bad43f0c7a966c0d771c6e97b35cfc86

Request headers

Host
citieasydeals.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
same-origin
Referer
https://citieasydeals.com/
Accept-Encoding
gzip, deflate, br

Response headers

Date
Tue, 03 Sep 2019 08:30:39 GMT
Server
Apache
X-Powered-By
Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181439)/JBossWeb-2.0
Set-Cookie
JSESSIONID=0631E9124E1DBECFCE6D7AED7D1FDADD.easydeals-12; Path=/; HttpOnly; Secure
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
expires
Mon Sep 03 04:30:39 EDT 2018
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
39562
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html;charset=ISO-8859-1
widget.ocbox.jsp
citieasydeals.com/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://citieasydeals.com/css/widget.ocbox.jsp
Requested by
Host: citieasydeals.com
URL: https://citieasydeals.com/index.jsp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.93.223.69 University Park, United States, ASN23352 (SERVERCENTRAL - Server Central Network, US),
Reverse DNS
unknown.scnet.net
Software
Apache / Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181439)/JBossWeb-2.0
Resource Hash
1f313d5ca34d3cca2dd5e6805b255fcfa3a32d6e98437d2f1db9eaff121fa62d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://citieasydeals.com/index.jsp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Sep 2019 08:30:39 GMT
Content-Encoding
gzip
Server
Apache
X-Powered-By
Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181439)/JBossWeb-2.0
Vary
Accept-Encoding
Content-Type
text/css;charset=iso-8859-1
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
669
expires
Mon Sep 03 04:30:39 EDT 2018
styles.citi.login-v2.css
citieasydeals.com/css/
31 KB
7 KB
Stylesheet
General
Full URL
https://citieasydeals.com/css/styles.citi.login-v2.css
Requested by
Host: citieasydeals.com
URL: https://citieasydeals.com/index.jsp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.93.223.69 University Park, United States, ASN23352 (SERVERCENTRAL - Server Central Network, US),
Reverse DNS
unknown.scnet.net
Software
Apache /
Resource Hash
eee49b542e0ee41962170958f21d9749b8a3c22f3065a71422a441d4ecb61836

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://citieasydeals.com/index.jsp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Sep 2019 08:30:39 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Oct 2018 12:57:17 GMT
Server
Apache
ETag
"5e00ae-7ac2-5777acfa58540"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
6751
logo_cititier.png
citieasydeals.com/img/logo/
7 KB
8 KB
Image
General
Full URL
https://citieasydeals.com/img/logo/logo_cititier.png
Requested by
Host: citieasydeals.com
URL: https://citieasydeals.com/index.jsp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.93.223.69 University Park, United States, ASN23352 (SERVERCENTRAL - Server Central Network, US),
Reverse DNS
unknown.scnet.net
Software
Apache /
Resource Hash
0d642bec67f8c65ecc5db809a5c7203dff777e8ff74e976e326a8b4226b512a9

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://citieasydeals.com/index.jsp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Sep 2019 08:30:39 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Aug 2018 23:51:36 GMT
Server
Apache
ETag
"2317b-1d80-5736de3ead200"
Vary
Accept-Encoding
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
7561
basetier.jpg
www.drwmedia.com/catalogimages/sitemedia/
69 KB
69 KB
Image
General
Full URL
https://www.drwmedia.com/catalogimages/sitemedia/basetier.jpg
Requested by
Host: citieasydeals.com
URL: https://citieasydeals.com/index.jsp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.20 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41A6) /
Resource Hash
b435d41ca3851bfff93849cbc7c5ff57bd95e7cfb2881d310a869341064973ff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://citieasydeals.com/index.jsp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 08:30:39 GMT
content-encoding
gzip
last-modified
Tue, 01 Nov 2016 14:18:02 GMT
server
ECS (fcn/41A6)
etag
"114f6-5403dfdfdba80-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
70839
cit_0419_site_media_image_update_hp_w21166958_Enhanced.jpg
www.drwmedia.com/catalogimages/sitemedia/
59 KB
59 KB
Image
General
Full URL
https://www.drwmedia.com/catalogimages/sitemedia/cit_0419_site_media_image_update_hp_w21166958_Enhanced.jpg
Requested by
Host: citieasydeals.com
URL: https://citieasydeals.com/index.jsp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.20 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40EB) /
Resource Hash
43211b793b9a92e5365ab87750b77c6966f7ebadad19136bb00d9c1bb4ab2878

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://citieasydeals.com/index.jsp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 08:30:59 GMT
content-encoding
gzip
last-modified
Tue, 07 May 2019 20:48:10 GMT
server
ECS (fcn/40EB)
etag
"ed7f-5885255b25680-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
60474
cit_0419_site_media_image_update_hp_w21166958_Plus.jpg
www.drwmedia.com/catalogimages/sitemedia/
43 KB
43 KB
Image
General
Full URL
https://www.drwmedia.com/catalogimages/sitemedia/cit_0419_site_media_image_update_hp_w21166958_Plus.jpg
Requested by
Host: citieasydeals.com
URL: https://citieasydeals.com/index.jsp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.20 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40D0) /
Resource Hash
74f45bffbbe0baec44b73205a90e2b818428da9f86268ccbdb620a4477141738

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://citieasydeals.com/index.jsp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 08:30:39 GMT
content-encoding
gzip
last-modified
Tue, 07 May 2019 20:48:14 GMT
server
ECS (fcn/40D0)
etag
"ad43-5885255ef5f80-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
43833
getseal
seal.verisign.com/
3 KB
3 KB
Script
General
Full URL
https://seal.verisign.com/getseal?host_name=citieasydeals.com&use_flash=NO&size=S
Requested by
Host: citieasydeals.com
URL: https://citieasydeals.com/index.jsp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.43.123.138 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-43-123-138.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
639c96982d96b330d58aa9054d5a66c08702d17cd1378e0c4992637620b25377

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://citieasydeals.com/index.jsp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Sep 2019 08:30:39 GMT
Cache-Control
must-revalidate, max-age=2745
Server
nginx/1.14.2
Connection
keep-alive
ETag
SECURE-20181030193203
Content-Length
2713
Content-Type
text/javascript
scripts.gadr.js
citieasydeals.com/scripts/
11 KB
4 KB
Script
General
Full URL
https://citieasydeals.com/scripts/scripts.gadr.js
Requested by
Host: citieasydeals.com
URL: https://citieasydeals.com/index.jsp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.93.223.69 University Park, United States, ASN23352 (SERVERCENTRAL - Server Central Network, US),
Reverse DNS
unknown.scnet.net
Software
Apache /
Resource Hash
a5d76d91313477e4247987d312bffd3f0aa0b65b2c9cb5a27e8a5cc7ded92ece

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://citieasydeals.com/index.jsp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Sep 2019 08:30:39 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Aug 2018 23:51:39 GMT
Server
Apache
ETag
"920-2a88-5736de41898c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
3401
jquery.validate.js
citieasydeals.com/js/
25 KB
7 KB
Script
General
Full URL
https://citieasydeals.com/js/jquery.validate.js
Requested by
Host: citieasydeals.com
URL: https://citieasydeals.com/index.jsp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.93.223.69 University Park, United States, ASN23352 (SERVERCENTRAL - Server Central Network, US),
Reverse DNS
unknown.scnet.net
Software
Apache /
Resource Hash
d4e016c005fbaa90702bf00dc12e5d51e14db33b3efb34d7368fe81676f95b82

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://citieasydeals.com/index.jsp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Sep 2019 08:30:39 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Aug 2018 23:51:37 GMT
Server
Apache
ETag
"603709-64d7-5736de3fa1440"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
6954
login_form_bg.jpg
citieasydeals.com/img/citi/login/
377 B
555 B
Image
General
Full URL
https://citieasydeals.com/img/citi/login/login_form_bg.jpg
Requested by
Host: citieasydeals.com
URL: https://citieasydeals.com/index.jsp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.93.223.69 University Park, United States, ASN23352 (SERVERCENTRAL - Server Central Network, US),
Reverse DNS
unknown.scnet.net
Software
Apache /
Resource Hash
28f3e5eff8491266d1d7ef1e5c609e706e3abc68eed058b20a218950b4172bb7

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://citieasydeals.com/css/styles.citi.login-v2.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Sep 2019 08:30:39 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Aug 2018 23:51:33 GMT
Server
Apache
ETag
"20798-179-5736de3bd0b40"
Vary
Accept-Encoding
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
233
btn_sign_on_new.png
citieasydeals.com/img/citi/btn/
2 KB
2 KB
Image
General
Full URL
https://citieasydeals.com/img/citi/btn/btn_sign_on_new.png
Requested by
Host: citieasydeals.com
URL: https://citieasydeals.com/index.jsp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.93.223.69 University Park, United States, ASN23352 (SERVERCENTRAL - Server Central Network, US),
Reverse DNS
unknown.scnet.net
Software
Apache /
Resource Hash
f9fd70c4e1a771968dc2b250e34a27f1eaf141fc63e5c4ef394b0b192c218bac

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://citieasydeals.com/css/styles.citi.login-v2.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Sep 2019 08:30:39 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Aug 2018 23:51:33 GMT
Server
Apache
ETag
"2071b-919-5736de3bd0b40"
Vary
Accept-Encoding
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2062
opacity.png
citieasydeals.com/img/citi/outline/
109 B
441 B
Image
General
Full URL
https://citieasydeals.com/img/citi/outline/opacity.png
Requested by
Host: citieasydeals.com
URL: https://citieasydeals.com/index.jsp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.93.223.69 University Park, United States, ASN23352 (SERVERCENTRAL - Server Central Network, US),
Reverse DNS
unknown.scnet.net
Software
Apache /
Resource Hash
fae72e3ee6480f03dcd656cd0bc418fe4b0474a49b2a18fa24639d8276092a27

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://citieasydeals.com/css/styles.citi.login-v2.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Sep 2019 08:30:39 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Aug 2018 23:51:33 GMT
Server
Apache
ETag
"2218f-6d-5736de3bd0b40"
Vary
Accept-Encoding
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
121
btn-arrow.png
citieasydeals.com/img/citi/buttons/
258 B
600 B
Image
General
Full URL
https://citieasydeals.com/img/citi/buttons/btn-arrow.png
Requested by
Host: citieasydeals.com
URL: https://citieasydeals.com/index.jsp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.93.223.69 University Park, United States, ASN23352 (SERVERCENTRAL - Server Central Network, US),
Reverse DNS
unknown.scnet.net
Software
Apache /
Resource Hash
d546bed00e3842c031794dd690409d041f1e6122257e6a2e481d8a1319d7a5d3

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://citieasydeals.com/css/styles.citi.login-v2.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Sep 2019 08:30:39 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Aug 2018 23:51:33 GMT
Server
Apache
ETag
"206a2-102-5736de3bd0b40"
Vary
Accept-Encoding
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
278
divider.jpg
citieasydeals.com/img/citi/outline/
893 B
1017 B
Image
General
Full URL
https://citieasydeals.com/img/citi/outline/divider.jpg
Requested by
Host: citieasydeals.com
URL: https://citieasydeals.com/index.jsp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.93.223.69 University Park, United States, ASN23352 (SERVERCENTRAL - Server Central Network, US),
Reverse DNS
unknown.scnet.net
Software
Apache /
Resource Hash
3aabb7734a087373704467bf5dc7ddeafb436641f132b16a561576ba70bef02c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://citieasydeals.com/css/styles.citi.login-v2.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Sep 2019 08:30:39 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Aug 2018 23:51:33 GMT
Server
Apache
ETag
"216f8-37d-5736de3bd0b40"
Vary
Accept-Encoding
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
695
logo_citi_footer.png
citieasydeals.com/img/citi/
1 KB
1 KB
Image
General
Full URL
https://citieasydeals.com/img/citi/logo_citi_footer.png
Requested by
Host: citieasydeals.com
URL: https://citieasydeals.com/index.jsp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.93.223.69 University Park, United States, ASN23352 (SERVERCENTRAL - Server Central Network, US),
Reverse DNS
unknown.scnet.net
Software
Apache /
Resource Hash
ffcbf6e75fabace442a31cd58009df2a85e0429986467f864e7b31cb11527e7c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://citieasydeals.com/css/styles.citi.login-v2.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Sep 2019 08:30:39 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Aug 2018 23:51:33 GMT
Server
Apache
ETag
"205c4-40e-5736de3bd0b40"
Vary
Accept-Encoding
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1061
getseal
seal.websecurity.norton.com/
4 KB
4 KB
Image
General
Full URL
https://seal.websecurity.norton.com/getseal?at=0&sealid=2&dn=citieasydeals.com&lang=en&tpt=transparent
Requested by
Host: citieasydeals.com
URL: https://citieasydeals.com/index.jsp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.43.123.138 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-43-123-138.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 /
Resource Hash
adf76e2b525174befd7108ae774141882f52a466bab0fa34a72bf65eaf738339

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://citieasydeals.com/index.jsp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Sep 2019 08:30:39 GMT
Cache-Control
must-revalidate, max-age=2712
Server
nginx/1.14.0
Connection
keep-alive
ETag
SECURE-20181030193203
Content-Length
3616
Content-Type
image/gif
scripts.analytics.js
citieasydeals.com/scripts/
25 KB
11 KB
Script
General
Full URL
https://citieasydeals.com/scripts/scripts.analytics.js
Requested by
Host: citieasydeals.com
URL: https://citieasydeals.com/scripts/scripts.gadr.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.93.223.69 University Park, United States, ASN23352 (SERVERCENTRAL - Server Central Network, US),
Reverse DNS
unknown.scnet.net
Software
Apache /
Resource Hash
02a3b1d75e1e8ea733832de7b2a64354afe3c749e0dd294434a1b307f14b57b8

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://citieasydeals.com/index.jsp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Sep 2019 08:30:39 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Aug 2018 23:51:39 GMT
Server
Apache
ETag
"8d9-63e1-5736de41898c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
11287
logout.aspx
www.travelredemptioncenter.com/web/customer/
0
0

Citi_Redesign_TierUpdate.jpg
www.drwmedia.com/catalogimages/sitemedia/
181 KB
178 KB
Image
General
Full URL
https://www.drwmedia.com/catalogimages/sitemedia/Citi_Redesign_TierUpdate.jpg
Requested by
Host: citieasydeals.com
URL: https://citieasydeals.com/index.jsp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.20 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40D8) /
Resource Hash
78ae85e306bff07cd1db4fa7c934fae0f19be8f101aab96da7b18f848a6ac590

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://citieasydeals.com/index.jsp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 08:30:40 GMT
content-encoding
gzip
last-modified
Tue, 01 Nov 2016 21:11:21 GMT
server
ECS (fcn/40D8)
etag
"2d378-54043c4207040-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
181773
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j28&a=1224629752&t=pageview&_s=1&dl=https%3A%2F%2Fcitieasydeals.com%2Findex.jsp&ul=en-us&de=windows-1252&dt=Citi%20Easy%20Deals%3A%20Login&sd=24-bi...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3160331-4&cid=1242448113.1567499440&jid=2128907256&_v=j28&z=588987237
35 B
136 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3160331-4&cid=1242448113.1567499440&jid=2128907256&_v=j28&z=588987237
Requested by
Host: citieasydeals.com
URL: https://citieasydeals.com/index.jsp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://citieasydeals.com/index.jsp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 03 Sep 2019 08:30:39 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 03 Sep 2019 08:30:39 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3160331-4&cid=1242448113.1567499440&jid=2128907256&_v=j28&z=588987237
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
367
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
99 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j28&a=1224629752&t=event&_s=2&dl=https%3A%2F%2Fcitieasydeals.com%2Findex.jsp&ul=en-us&de=windows-1252&dt=Citi%20Easy%20Deals%3A%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=PageLoadTime&ea=bucket%20(ms)%3A%200-999&el=%2Findex.jsp&ev=80&_u=MEAAAEQFI~&jid=&cid=1242448113.1567499440&tid=UA-3160331-4&z=1816451205
Requested by
Host: citieasydeals.com
URL: https://citieasydeals.com/index.jsp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://citieasydeals.com/index.jsp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Aug 2019 03:00:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
451801
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.travelredemptioncenter.com
URL
https://www.travelredemptioncenter.com/web/customer/logout.aspx

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| u5
undefined| sopener
function| symcBuySSL
function| vrsn_splash
number| ver
string| v_ua
object| re
boolean| v_old_ie
function| v_mact
function| v_mDown
function| v_resized
string| dn
string| lang
string| tpt
string| vrsn_style
string| splash_url
string| sslcenter_url
string| seal_url
string| u1
string| u2
object| _gadr
function| addLabels
function| flashEnded
object| welcomeTabs
function| $
function| jQuery
string| GoogleAnalyticsObject
function| ga
object| x
number| loadTime
string| bucketString
object| gaplugins
object| gaGlobal

3 Cookies

Domain/Path | Name | Value
.citieasydeals.com/ | _gat | 1
.citieasydeals.com/ | _ga | GA1.2.1242448113.1567499440
citieasydeals.com/ | JSESSIONID | 0631E9124E1DBECFCE6D7AED7D1FDADD.easydeals-12

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
