Submitted URL: http://www.searscard.com/
Effective URL: https://citicards.citi.com/crs/searscard/home.htm?BT_TX=1&ProspectID=86C11ED05D7A4EC4A80C72D2781687FD
Submission: On April 12 via manual from SG — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 9 domains to perform 22 HTTP transactions. The main IP is 35.190.22.40, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is citicards.citi.com. The Cisco Umbrella rank of the primary domain is 238535.
TLS certificate: Issued by DigiCert EV RSA CA G2 on March 25th 2022. Valid for: a year.
This is the only time citicards.citi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 184.86.251.15 20940 (AKAMAI-ASN1)
15 35.190.22.40 15169 (GOOGLE)
2 34.107.138.236 15169 (GOOGLE)
1 1 104.89.40.9 16625 (AKAMAI-AS)
1 2 142.250.186.166 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 2a03:2880:f12... 32934 (FACEBOOK)
22 6
Apex Domain
Subdomains
Transfer
14 citi.com
citicards.citi.com — Cisco Umbrella Rank: 238535
209 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 138
37 KB
2 doubleclick.net
6397054.fls.doubleclick.net — Cisco Umbrella Rank: 604495
1 KB
2 bridgetrack.com
sec-citi.bridgetrack.com — Cisco Umbrella Rank: 217893
citi.bridgetrack.com — Cisco Umbrella Rank: 128647
272 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
297 B
1 typography.com
cloud.typography.com — Cisco Umbrella Rank: 5612
466 B
1 citibankonline.com
cdn.digitalmarketing.citibankonline.com — Cisco Umbrella Rank: 51718
4 KB
1 searscard.com
www.searscard.com
274 B
0 google.com Failed
adservice.google.com Failed
22 9
Domain Requested by
14 citicards.citi.com citicards.citi.com
2 connect.facebook.net citicards.citi.com
connect.facebook.net
2 6397054.fls.doubleclick.net 1 redirects citicards.citi.com
1 citi.bridgetrack.com citicards.citi.com
1 www.facebook.com citicards.citi.com
1 sec-citi.bridgetrack.com citicards.citi.com
1 cloud.typography.com 1 redirects
1 cdn.digitalmarketing.citibankonline.com citicards.citi.com
1 www.searscard.com 1 redirects
0 adservice.google.com Failed 6397054.fls.doubleclick.net
22 10

This site contains links to these domains.

Domain
www.sears.com
www.shopyourway.com
online.citi.com
citi.bridgetrack.com
Subject | Issuer | Validity | Valid
citicards.citi.com | DigiCert EV RSA CA G2 | 2022-03-25 - 2023-04-21 | a year
cdn.digitalmarketing.citibankonline.com | DigiCert SHA2 Extended Validation Server CA | 2020-06-24 - 2022-06-25 | 2 years
*.doubleclick.net | GTS CA 1C3 | 2022-03-21 - 2022-06-13 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-01-19 - 2022-04-19 | 3 months
citi.bridgetrack.com | Thawte EV RSA CA 2018 | 2022-03-15 - 2023-04-15 | a year

This page contains 3 frames:

Primary Page: https://citicards.citi.com/crs/searscard/home.htm?BT_TX=1&ProspectID=86C11ED05D7A4EC4A80C72D2781687FD
Frame ID: 267E3A7F13CAD30C0AB46D18D744069E
Requests: 24 HTTP requests in this frame

Frame: https://6397054.fls.doubleclick.net/activityi;dc_pre=CNHx5_K4jfcCFVDF1Qod3oIMqg;src=6397054;type=sears0;cat=sears00c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2136756165273.69
Frame ID: 45584AE63C617131AD6AB518AB634242
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CNHx5_K4jfcCFVDF1Qod3oIMqg;src=6397054;type=sears0;cat=sears00c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2136756165273.69;~oref=https://citicards.citi.com/
Frame ID: C01069A5565356054EAA37726E96AE8F
Requests: 1 HTTP requests in this frame

Page Title

Apply for a Sears Credit Card or a Sears Mastercard®

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

  • 22 Requests
  • 91 % HTTPS
  • 29 % IPv6
  • 9 Domains
  • 10 Subdomains
  • 6 IPs
  • 2 Countries
  • 554 kB Transfer
  • 792 kB Size
  • 3 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.searscard.com/ HTTP 301
    https://citicards.citi.com/crs/searscard/home.htm?BT_TX=1&ProspectID=86C11ED05D7A4EC4A80C72D2781687FD Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://cloud.typography.com/7919714/6255752/css/fonts.css HTTP 302
  • https://sec-citi.bridgetrack.com/fonts/576019/BE6410757169DC012.css
Request Chain 4
  • https://6397054.fls.doubleclick.net/activityi;src=6397054;type=sears0;cat=sears00c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2136756165273.69 HTTP 302
  • https://6397054.fls.doubleclick.net/activityi;dc_pre=CNHx5_K4jfcCFVDF1Qod3oIMqg;src=6397054;type=sears0;cat=sears00c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2136756165273.69

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request home.htm
citicards.citi.com/crs/searscard/
Redirect Chain
  • http://www.searscard.com/
  • https://citicards.citi.com/crs/searscard/home.htm?BT_TX=1&ProspectID=86C11ED05D7A4EC4A80C72D2781687FD
146 KB
61 KB
Document
General
Full URL
https://citicards.citi.com/crs/searscard/home.htm?BT_TX=1&ProspectID=86C11ED05D7A4EC4A80C72D2781687FD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.22.40 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
40.22.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f63994e324d78e90e70c00adeb0a92253c315aa4506b07c760b1d38e828bda0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
61593
content-type
text/html
date
Tue, 12 Apr 2022 02:09:49 GMT
expires
Mon, 11 Apr 2022 02:09:49 GMT
p3p
CP="NON DSP COR DEVa PSAa IVAo CONo OUR IND UNI PUR NAV DEM LOC", policyref="http://citi.bridgetrack.com/w3c/p3p.xml"
vary
Accept-Encoding
via
1.1 google
x-frame-options
SAMEORIGIN DENY

Redirect headers

Connection
keep-alive
Content-Length
313
Content-Type
text/html; charset=iso-8859-1
Date
Tue, 12 Apr 2022 02:09:49 GMT
Location
https://citicards.citi.com/crs/searscard/home.htm?BT_TX=1&ProspectID=86C11ED05D7A4EC4A80C72D2781687FD
cookie.pref.js
cdn.digitalmarketing.citibankonline.com/dmar/js/
8 KB
4 KB
Script
General
Full URL
https://cdn.digitalmarketing.citibankonline.com/dmar/js/cookie.pref.js
Requested by
Host: citicards.citi.com
URL: https://citicards.citi.com/crs/searscard/home.htm?BT_TX=1&ProspectID=86C11ED05D7A4EC4A80C72D2781687FD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.138.236 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
236.138.107.34.bc.googleusercontent.com
Software
/
Resource Hash
cd1a0f83657d048ed6c7656440860ec772ce1a56277c3f51a0d719aa95f93c8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citicards.citi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 22:45:18 GMT
via
1.1 google
last-modified
Fri, 11 Dec 2020 20:47:53 GMT
age
12272
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,s-maxage=3600,max-age=3600
accept-ranges
bytes
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3671
BE6410757169DC012.css
sec-citi.bridgetrack.com/fonts/576019/
Redirect Chain
  • https://cloud.typography.com/7919714/6255752/css/fonts.css
  • https://sec-citi.bridgetrack.com/fonts/576019/BE6410757169DC012.css
255 KB
272 KB
Stylesheet
General
Full URL
https://sec-citi.bridgetrack.com/fonts/576019/BE6410757169DC012.css
Requested by
Host: citicards.citi.com
URL: https://citicards.citi.com/crs/searscard/home.htm?BT_TX=1&ProspectID=86C11ED05D7A4EC4A80C72D2781687FD
Protocol
H2
Server
34.107.138.236 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
236.138.107.34.bc.googleusercontent.com
Software
/
Resource Hash
88d6e44ca54f2e7f3455d398f195d1af72958df0a3f452741872e09272c62759

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citicards.citi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 19:49:47 GMT
via
1.1 google
last-modified
Thu, 25 May 2017 16:08:24 GMT
age
22804
vary
Accept-Encoding
content-type
text/css
cache-control
public,s-maxage=3600,max-age=3600
accept-ranges
bytes
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

Date
Tue, 12 Apr 2022 02:09:51 GMT
Last-Modified
Thu, 25 May 2017 17:15:32 GMT
Server
AkamaiNetStorage
ETag
"0bd1fb075a7a6bc54b1b6ae53aa13fc8:1495732532"
Vary
Accept-Encoding
Content-Type
text/html
Location
https://sec-citi.bridgetrack.com/fonts/576019/BE6410757169DC012.css
Cache-Control
must-revalidate, private
Connection
keep-alive
X-HCo-pid
16
Content-Length
154
Expires
Tue, 12 April 2022 02:09:50 GMT
0.bundle.js
citicards.citi.com/crs/searscard/js/
16 KB
7 KB
Script
General
Full URL
https://citicards.citi.com/crs/searscard/js/0.bundle.js
Requested by
Host: citicards.citi.com
URL: https://citicards.citi.com/crs/searscard/home.htm?BT_TX=1&ProspectID=86C11ED05D7A4EC4A80C72D2781687FD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.22.40 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
40.22.190.35.bc.googleusercontent.com
Software
/
Resource Hash
025c8e86b593c3cda586cd916757e6ade0ed48d58d11809f0336c9256e565f6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citicards.citi.com/crs/searscard/home.htm?BT_TX=1&ProspectID=86C11ED05D7A4EC4A80C72D2781687FD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 02:09:50 GMT
content-encoding
gzip
last-modified
Wed, 11 Aug 2021 15:55:12 GMT
etag
"0308744c98ed71:0"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6687
3.bundle.js
citicards.citi.com/crs/searscard/js/
11 KB
3 KB
Script
General
Full URL
https://citicards.citi.com/crs/searscard/js/3.bundle.js
Requested by
Host: citicards.citi.com
URL: https://citicards.citi.com/crs/searscard/home.htm?BT_TX=1&ProspectID=86C11ED05D7A4EC4A80C72D2781687FD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.22.40 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
40.22.190.35.bc.googleusercontent.com
Software
/
Resource Hash
f884aaffdff78925b65d5cab1e23ce5350ac0aa1def57964ee00c032ed910a8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citicards.citi.com/crs/searscard/home.htm?BT_TX=1&ProspectID=86C11ED05D7A4EC4A80C72D2781687FD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 02:09:50 GMT
content-encoding
gzip
last-modified
Wed, 29 Sep 2021 21:43:50 GMT
etag
"06fde167bb5d71:0"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3170
activityi;dc_pre=CNHx5_K4jfcCFVDF1Qod3oIMqg;src=6397054;type=sears0;cat=sears00c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2136756165273.69
6397054.fls.doubleclick.net/ Frame 4558
Redirect Chain
  • https://6397054.fls.doubleclick.net/activityi;src=6397054;type=sears0;cat=sears00c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2136756165273.69?
  • https://6397054.fls.doubleclick.net/activityi;dc_pre=CNHx5_K4jfcCFVDF1Qod3oIMqg;src=6397054;type=sears0;cat=sears00c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2136756165273.69?
491 B
400 B
Document
General
Full URL
https://6397054.fls.doubleclick.net/activityi;dc_pre=CNHx5_K4jfcCFVDF1Qod3oIMqg;src=6397054;type=sears0;cat=sears00c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2136756165273.69?
Requested by
Host: citicards.citi.com
URL: https://citicards.citi.com/crs/searscard/home.htm?BT_TX=1&ProspectID=86C11ED05D7A4EC4A80C72D2781687FD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
625296e75e0dced807927dc9c4d3a287985a201713a48875c9c82da48b790566
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://citicards.citi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
375
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Apr 2022 02:09:51 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Apr 2022 02:09:51 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://6397054.fls.doubleclick.net/activityi;dc_pre=CNHx5_K4jfcCFVDF1Qod3oIMqg;src=6397054;type=sears0;cat=sears00c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2136756165273.69?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
fbevents.js
connect.facebook.net/en_US/
99 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: citicards.citi.com
URL: https://citicards.citi.com/crs/searscard/home.htm?BT_TX=1&ProspectID=86C11ED05D7A4EC4A80C72D2781687FD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citicards.citi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26311
x-xss-protection
0
pragma
public
x-fb-debug
vyhlEBQoZxhwe7rSjBkfPiP6IFlXWTyx1E5izCLkpkJrIwNQy4kgcDqN8F2560VQCkj8503aBo4xWWl/eCtAQA==
x-fb-trip-id
2050670934
x-frame-options
DENY
date
Tue, 12 Apr 2022 02:09:51 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
1781982108516082
connect.facebook.net/signals/config/
41 KB
11 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1781982108516082?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
448d5cfc9e0fc163627f76e76d034eed1f9a83c8a6b4b84aa0db652e9b618286
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citicards.citi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
yJSIb0Odi6uzWcTer5I8A9uxAqtiHNKTwHXHXMPlwSN4f/aWA+EyYSaaC5pUUdI3GK/00dT5pUjvcM7clEY+TQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 12 Apr 2022 02:09:51 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
5.bundle.js
citicards.citi.com/crs/searscard/js/
19 KB
6 KB
Script
General
Full URL
https://citicards.citi.com/crs/searscard/js/5.bundle.js
Requested by
Host: citicards.citi.com
URL: https://citicards.citi.com/crs/searscard/home.htm?BT_TX=1&ProspectID=86C11ED05D7A4EC4A80C72D2781687FD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.22.40 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
40.22.190.35.bc.googleusercontent.com
Software
/
Resource Hash
127030d7070fb45aac3ae4c5cae35e40195b1a4d8c3ba732d695f926a68ed159

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citicards.citi.com/crs/searscard/home.htm?BT_TX=1&ProspectID=86C11ED05D7A4EC4A80C72D2781687FD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 02:09:51 GMT
content-encoding
gzip
last-modified
Wed, 11 Aug 2021 15:55:12 GMT
etag
"0308744c98ed71:0"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5823
2.bundle.js
citicards.citi.com/crs/searscard/js/
43 KB
10 KB
Script
General
Full URL
https://citicards.citi.com/crs/searscard/js/2.bundle.js
Requested by
Host: citicards.citi.com
URL: https://citicards.citi.com/crs/searscard/home.htm?BT_TX=1&ProspectID=86C11ED05D7A4EC4A80C72D2781687FD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.22.40 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
40.22.190.35.bc.googleusercontent.com
Software
/
Resource Hash
cfefe783fd3622461a2d138d23f420ddf2ccbfdfa26b603601fb496a2a013eab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citicards.citi.com/crs/searscard/home.htm?BT_TX=1&ProspectID=86C11ED05D7A4EC4A80C72D2781687FD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 02:09:50 GMT
content-encoding
gzip
last-modified
Wed, 29 Sep 2021 21:43:50 GMT
etag
"06fde167bb5d71:0"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9738
/
www.facebook.com/tr/
44 B
297 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1781982108516082&ev=PageView&dl=https%3A%2F%2Fciticards.citi.com%2Fcrs%2Fsearscard%2Fhome.htm%3FBT_TX%3D1%26ProspectID%3D86C11ED05D7A4EC4A80C72D2781687FD&rl=&if=false&ts=1649729391484&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=28&fbp=fb.1.1649729391483.685583058&it=1649729391399&coo=false&rqm=GET
Requested by
Host: citicards.citi.com
URL: https://citicards.citi.com/crs/searscard/home.htm?BT_TX=1&ProspectID=86C11ED05D7A4EC4A80C72D2781687FD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citicards.citi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 02:09:51 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Tue, 12 Apr 2022 02:09:51 GMT
/
adservice.google.com/ddm/fls/i/dc_pre=CNHx5_K4jfcCFVDF1Qod3oIMqg;src=6397054;type=sears0;cat=sears00c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2136756165273.69;~oref=https://citicards... Frame C010
0
0

SYW-MC.png
citicards.citi.com/crs/searscard/images/
7 KB
7 KB
Image
General
Full URL
https://citicards.citi.com/crs/searscard/images/SYW-MC.png
Requested by
Host: citicards.citi.com
URL: https://citicards.citi.com/crs/searscard/home.htm?BT_TX=1&ProspectID=86C11ED05D7A4EC4A80C72D2781687FD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.22.40 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
40.22.190.35.bc.googleusercontent.com
Software
/
Resource Hash
b8ea714ec80bddb6f87aac6f0cb6ef82460a83a02f5852386de335af54e3aa05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citicards.citi.com/crs/searscard/home.htm?BT_TX=1&ProspectID=86C11ED05D7A4EC4A80C72D2781687FD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 02:09:51 GMT
via
1.1 google
last-modified
Mon, 03 May 2021 20:17:12 GMT
etag
"0d4114d5940d71:0"
content-type
image/png
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7644
Sears.png
citicards.citi.com/crs/searscard/images/
8 KB
8 KB
Image
General
Full URL
https://citicards.citi.com/crs/searscard/images/Sears.png
Requested by
Host: citicards.citi.com
URL: https://citicards.citi.com/crs/searscard/home.htm?BT_TX=1&ProspectID=86C11ED05D7A4EC4A80C72D2781687FD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.22.40 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
40.22.190.35.bc.googleusercontent.com
Software
/
Resource Hash
454c455c7827f2aa934809c0e17855dcbddc22e695ce490f334e6d194a043b24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citicards.citi.com/crs/searscard/home.htm?BT_TX=1&ProspectID=86C11ED05D7A4EC4A80C72D2781687FD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 02:09:51 GMT
via
1.1 google
last-modified
Wed, 11 Aug 2021 15:55:14 GMT
etag
"05db845c98ed71:0"
content-type
image/png
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8150
SearsMCTY.png
citicards.citi.com/crs/searscard/images/
6 KB
6 KB
Image
General
Full URL
https://citicards.citi.com/crs/searscard/images/SearsMCTY.png
Requested by
Host: citicards.citi.com
URL: https://citicards.citi.com/crs/searscard/home.htm?BT_TX=1&ProspectID=86C11ED05D7A4EC4A80C72D2781687FD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.22.40 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
40.22.190.35.bc.googleusercontent.com
Software
/
Resource Hash
1688b43815570851784814c451a4d36cf8f31da1c2cd2b6bf348dfd2aa7fc7e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citicards.citi.com/crs/searscard/home.htm?BT_TX=1&ProspectID=86C11ED05D7A4EC4A80C72D2781687FD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 02:09:51 GMT
via
1.1 google
last-modified
Wed, 11 Aug 2021 15:55:14 GMT
etag
"05db845c98ed71:0"
content-type
image/png
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6278
SearsMC.png
citicards.citi.com/crs/searscard/images/
8 KB
8 KB
Image
General
Full URL
https://citicards.citi.com/crs/searscard/images/SearsMC.png
Requested by
Host: citicards.citi.com
URL: https://citicards.citi.com/crs/searscard/home.htm?BT_TX=1&ProspectID=86C11ED05D7A4EC4A80C72D2781687FD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.22.40 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
40.22.190.35.bc.googleusercontent.com
Software
/
Resource Hash
8e450dd11643397584755a14b0849ac0870b163b97ba8438810b4ae0c129145f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citicards.citi.com/crs/searscard/home.htm?BT_TX=1&ProspectID=86C11ED05D7A4EC4A80C72D2781687FD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 02:09:51 GMT
via
1.1 google
last-modified
Mon, 03 May 2021 20:17:12 GMT
etag
"0d4114d5940d71:0"
content-type
image/png
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8604
SearsHI.png
citicards.citi.com/crs/searscard/images/
9 KB
9 KB
Image
General
Full URL
https://citicards.citi.com/crs/searscard/images/SearsHI.png
Requested by
Host: citicards.citi.com
URL: https://citicards.citi.com/crs/searscard/home.htm?BT_TX=1&ProspectID=86C11ED05D7A4EC4A80C72D2781687FD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.22.40 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
40.22.190.35.bc.googleusercontent.com
Software
/
Resource Hash
06a71477117b9dc54f829150b74fe54814be95714f2bfb97613beade94fa0155

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citicards.citi.com/crs/searscard/home.htm?BT_TX=1&ProspectID=86C11ED05D7A4EC4A80C72D2781687FD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 02:09:50 GMT
via
1.1 google
last-modified
Wed, 11 Aug 2021 15:55:14 GMT
etag
"05db845c98ed71:0"
content-type
image/png
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9208
stacked-cards.png
citicards.citi.com/crs/searscard/images/
13 KB
13 KB
Image
General
Full URL
https://citicards.citi.com/crs/searscard/images/stacked-cards.png
Requested by
Host: citicards.citi.com
URL: https://citicards.citi.com/crs/searscard/home.htm?BT_TX=1&ProspectID=86C11ED05D7A4EC4A80C72D2781687FD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.22.40 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
40.22.190.35.bc.googleusercontent.com
Software
/
Resource Hash
f429989cf665db32afbfd8e05144b6fa17673be98e4b71a160938eada66b13ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citicards.citi.com/crs/searscard/home.htm?BT_TX=1&ProspectID=86C11ED05D7A4EC4A80C72D2781687FD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 02:09:51 GMT
via
1.1 google
last-modified
Mon, 03 May 2021 20:17:12 GMT
etag
"0d4114d5940d71:0"
content-type
image/png
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13357
/
citi.bridgetrack.com/track/
43 B
657 B
Image
General
Full URL
https://citi.bridgetrack.com/track/?id=61399&r=76319402.45321713
Requested by
Host: citicards.citi.com
URL: https://citicards.citi.com/crs/searscard/home.htm?BT_TX=1&ProspectID=86C11ED05D7A4EC4A80C72D2781687FD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.22.40 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
40.22.190.35.bc.googleusercontent.com
Software
/
Resource Hash
63b98a0c8568c08fd01a6946a147bca65eff26c8085f1ccb5330aafe0f0dcd15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citicards.citi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 02:09:51 GMT
via
1.1 google
p3p
CP="NON DSP COR DEVa PSAa IVAo CONo OUR IND UNI PUR NAV DEM LOC", policyref="http://citi.bridgetrack.com/w3c/p3p.xml"
cache-control
private
content-type
image/GIF
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 11 Apr 2022 02:09:52 GMT
icons.png
citicards.citi.com/crs/searscard/images/
34 KB
34 KB
Image
General
Full URL
https://citicards.citi.com/crs/searscard/images/icons.png
Requested by
Host: citicards.citi.com
URL: https://citicards.citi.com/crs/searscard/home.htm?BT_TX=1&ProspectID=86C11ED05D7A4EC4A80C72D2781687FD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.22.40 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
40.22.190.35.bc.googleusercontent.com
Software
/
Resource Hash
f11ea944f935eaf7b38e1e6a064214c4d137f305bc49a11d46ab95a4807bba16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citicards.citi.com/crs/searscard/home.htm?BT_TX=1&ProspectID=86C11ED05D7A4EC4A80C72D2781687FD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 02:09:51 GMT
via
1.1 google
last-modified
Wed, 11 Aug 2021 15:55:12 GMT
etag
"0308744c98ed71:0"
content-type
image/png
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35263
pattern-bg.png
citicards.citi.com/crs/searscard/images/
4 KB
4 KB
Image
General
Full URL
https://citicards.citi.com/crs/searscard/images/pattern-bg.png
Requested by
Host: citicards.citi.com
URL: https://citicards.citi.com/crs/searscard/home.htm?BT_TX=1&ProspectID=86C11ED05D7A4EC4A80C72D2781687FD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.22.40 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
40.22.190.35.bc.googleusercontent.com
Software
/
Resource Hash
21e26da44ece6dd7e34dea386e0a00a775bc16223bf0b9b8b9b9fda57f5f3245

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citicards.citi.com/crs/searscard/home.htm?BT_TX=1&ProspectID=86C11ED05D7A4EC4A80C72D2781687FD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 02:09:50 GMT
via
1.1 google
last-modified
Mon, 10 Feb 2020 17:53:46 GMT
etag
"0716ea3be0d51:0"
content-type
image/png
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4365
blur-bkgrd.jpg
citicards.citi.com/crs/searscard/images/
32 KB
32 KB
Image
General
Full URL
https://citicards.citi.com/crs/searscard/images/blur-bkgrd.jpg
Requested by
Host: citicards.citi.com
URL: https://citicards.citi.com/crs/searscard/home.htm?BT_TX=1&ProspectID=86C11ED05D7A4EC4A80C72D2781687FD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.22.40 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
40.22.190.35.bc.googleusercontent.com
Software
/
Resource Hash
3678c9e8b08abd743264e34dfa10643cd76b677e72adcf07df80d387e79422ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citicards.citi.com/crs/searscard/home.htm?BT_TX=1&ProspectID=86C11ED05D7A4EC4A80C72D2781687FD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 02:09:51 GMT
via
1.1 google
last-modified
Mon, 10 Feb 2020 17:53:40 GMT
etag
"0eada63be0d51:0"
content-type
image/jpeg
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33224
truncated
/
11 KB
11 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04e86fcf247e2d9809596331db17a2a0d3efe9c9bf1d8d9babd04645286ee68c

Request headers

Referer
Origin
https://citicards.citi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
application/x-font-woff2
truncated
/
11 KB
11 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d0d937b32b0a1fa6bbdcc5389f695a36147c1b3ba869ecc507b765adf0300393

Request headers

Referer
Origin
https://citicards.citi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
application/x-font-woff2
truncated
/
4 KB
4 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b66e62306d1b6f738c7095c9577957ff21f80d62ed611768eee45d1cf833512c

Request headers

Referer
Origin
https://citicards.citi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
application/x-font-woff2
truncated
/
4 KB
4 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f7b78ab3994d3f6de37b359cc3d243d44caca23578c342b6f3966dda1cb9fd70

Request headers

Referer
Origin
https://citicards.citi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
application/x-font-woff2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
adservice.google.com
URL
https://adservice.google.com/ddm/fls/i/dc_pre=CNHx5_K4jfcCFVDF1Qod3oIMqg;src=6397054;type=sears0;cat=sears00c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2136756165273.69;~oref=https://citicards.citi.com/

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone
object| oncontextlost
object| oncontextrestored
function| getScreenDetails
string| CitiCookiePref
function| TrackPixel
object| opsVars
object| webpackJsonp
function| setImmediate
function| clearImmediate
object| regeneratorRuntime
string| axel
number| a
function| fbq
function| _fbq
string| szPixSrcURL

3 Cookies

Domain/Path Name / Value
citicards.citi.com/ Name: CitiBTSES
Value: SID=C99B4BE273E5467E88416B27D1DE7079
.citi.com/ Name: _fbp
Value: fb.1.1649729391483.685583058
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
